lapyhvost.umoritelno.com Open in urlscan Pro
88.99.235.232 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lapyhvost.umoritelno.com/play/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=generic&utm_medium...
Effective URL:
https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Submission: On April 04 via api (April 4th 2022, 3:02:12 pm UTC) from FR — Scanned from FR

Summary HTTP 135 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 135 HTTP transactions. The main IP is 88.99.235.232, located in Germany and belongs to HETZNER-AS, DE. The main domain is lapyhvost.umoritelno.com.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.

This is the only time lapyhvost.umoritelno.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	88.99.235.232 88.99.235.232	24940 (HETZNER-AS) (HETZNER-AS)
19	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
29	88.99.71.229 88.99.71.229	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1 34	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
135	18

3 88.99.235.232 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-235-232.clients.your-server.de

lapyhvost.umoritelno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 88.99.71.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.71.99.88.clients.your-server.de

3.404content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.404content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
const.404content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	607 KB
29	404content.com 3.404content.com 4.404content.com const.404content.com	610 KB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	208 KB
10	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	219 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	217 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	1 KB
5	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2894	51 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	4 KB
3	umoritelno.com 1 redirects lapyhvost.umoritelno.com	24 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 28668	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	646 B
135	12

	Domain	Requested by
34	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	pagead2.googlesyndication.com	lapyhvost.umoritelno.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net lapyhvost.umoritelno.com
13	4.404content.com	lapyhvost.umoritelno.com
9	const.404content.com	lapyhvost.umoritelno.com const.404content.com
7	3.404content.com	lapyhvost.umoritelno.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	mc.yandex.ru	1 redirects lapyhvost.umoritelno.com mc.yandex.ru
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	lapyhvost.umoritelno.com	1 redirects lapyhvost.umoritelno.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	www.google-analytics.com	lapyhvost.umoritelno.com www.google-analytics.com
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
135	20

This site contains links to these domains. Also see Links.

Domain
sovetchiki.org
shkolaremonta.org
uiutvdome.com
weapon.temadnya.com
6cotok.org
stihi.temadnya.com
medpravila.com
interesnosti.com
odomah.org
ya-krasotka.com
podokonnik.temadnya.com
foto.temadnya.com
pitomci.temadnya.com
delaemrukami.org
cccp.temadnya.com
sreda.temadnya.com
mirvokrugnas.com
masterlomaster.samodelkinoblog.com
kurioz.temaretik.com
vkusnopoedim.temaretik.com
turizm.mirvokrugnas.com
vseonauke.com
klubstroitelei.com
otnosheniya.temaretik.com
koleso.temaretik.com
jumor.temaretik.com
formulazdorovya.com
svoimi.rukami.klubokidei.com
samodelkinoblog.com
pomogaemkompu.temaretik.com
nashideti.temaretik.com
omode.info
obiskusstve.com
drive.temaretik.com
formulakrasoty.com
klubokidei.com
moyadacha.temaretik.com
prigotovimvkusno.com
udivitelnoe.temaretik.com
umoritelno.com
jumornoj.temaretik.com
zakon.temaretik.com
mistika.temaretik.com
kredit.temaretik.com
news.temaretik.com
religiya.temaretik.com
politika.temadnya.com
goroskop.temaretik.com
golovolomka.temaretik.com
spletnik.temaretik.com
narodmed.temaretik.com
test.temaretik.com

Subject Issuer	Validity	Valid
temadnya.com R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
404content.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Frame ID: E3667CC6C166147901980011CD88BC2D
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: FD7FAC593E4A0E2F74650F2D692295D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&adk=1136080928&adf=855197701&lmt=1649084512&plaf=1%3A1&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512270&bpp=4&bdt=264&idt=320&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6941332962468&frm=20&pv=2&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: F99531AEFE1D248A92CD46D4B7031A60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6516699988&adk=339622755&adf=1193357146&pi=t.ma~as.6516699988&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512274&bpp=2&bdt=267&idt=440&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5qRVgjl39&p=https%3A//lapyhvost.umoritelno.com&dtd=465
Frame ID: AF9E7F0E73688E3AB1751979FD3ABE7C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=9914447537&adk=2578498551&adf=3052770552&pi=t.ma~as.9914447537&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512276&bpp=2&bdt=269&idt=480&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TYUGlKsOXV&p=https%3A//lapyhvost.umoritelno.com&dtd=484
Frame ID: C17C6196668FA61166742876BB8FAE54
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493
Frame ID: 1944F14338EECE22197D909279F252AA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=2194311591&adk=3515028783&adf=3773213945&pi=t.ma~as.2194311591&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512279&bpp=2&bdt=273&idt=497&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=O1mGpUz6dH&p=https%3A//lapyhvost.umoritelno.com&dtd=501
Frame ID: 50F766F826ED0DDE8F7F51870E570D04
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=8854378272&adk=1213828409&adf=3312662771&pi=t.ma~as.8854378272&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512281&bpp=4&bdt=274&idt=507&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93e7cf204b49adfb-222cf1266dcd00e3%3AT%3D1649084512%3ART%3D1649084512%3AS%3DALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA&prev_fmts=0x0%2C730x280%2C730x280%2C730x280%2C350x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ahqiTJhIaL&p=https%3A//lapyhvost.umoritelno.com&dtd=513
Frame ID: 5CF9C25D9D069B4FF9458E8EC2953D30
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F3F77D0CE38D8C26079FF84A541EE03F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 682C7D7AA1085E2DFB2F0C08D635C813
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
Frame ID: 71E7F4C9EE1E6271E2DC3844759AFF8A
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: 912B0235E6A2016BF9D5C0760DD6AA9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: 7ECB1973E46210AC119E85FFAADF6B14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: 424F659A0BE8CD9F3A3098683F033A9E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: 981B133FA491B6EC438C5457547256CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: 9F01CE4651AC1A0FA96ADE1A839240E1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: EF12B286012B0C0A0D94D47E4C86F97B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B483D98228947824075D4B8F9B4E5076
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F4FEFB10810DA7E641028B7FD914DCA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Лента публикаций

Page URL History Show full URLs

https://lapyhvost.umoritelno.com/play/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_sourc... HTTP 302
https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loa... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

135
Requests

99 %
HTTPS

82 %
IPv6

12
Domains

20
Subdomains

18
IPs

4
Countries

2012 kB
Transfer

4482 kB
Size

17
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: https://sovetchiki.org/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Полезные советы

Search URL Search Domain Scan URL

URL: https://shkolaremonta.org/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Школа Ремонта

Search URL Search Domain Scan URL

URL: https://uiutvdome.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Роскошь и уют

Search URL Search Domain Scan URL

URL: https://weapon.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Энциклопедия оружия

Search URL Search Domain Scan URL

URL: https://6cotok.org/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: 6 соток

Search URL Search Domain Scan URL

URL: https://stihi.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Поэзия

Search URL Search Domain Scan URL

URL: https://medpravila.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Диеты со всего света

Search URL Search Domain Scan URL

URL: https://interesnosti.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: НАУКА И ЖИЗНЬ

Search URL Search Domain Scan URL

URL: https://odomah.org/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: МОЙ ДОМ

Search URL Search Domain Scan URL

URL: https://ya-krasotka.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ВСЕГДА В ФОРМЕ!

Search URL Search Domain Scan URL

URL: https://podokonnik.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: САД НА ПОДОКОННИКЕ

Search URL Search Domain Scan URL

URL: https://foto.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Фотоискусство

Search URL Search Domain Scan URL

URL: https://pitomci.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ПИТОМЦЫ

Search URL Search Domain Scan URL

URL: https://delaemrukami.org/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: РУКОДЕЛИЕ

Search URL Search Domain Scan URL

URL: https://cccp.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Дети перестройки

Search URL Search Domain Scan URL

URL: https://sreda.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Среда обитания

Search URL Search Domain Scan URL

URL: https://mirvokrugnas.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Непутевые заметки

Search URL Search Domain Scan URL

URL: https://masterlomaster.samodelkinoblog.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: МАСТЕРА

Search URL Search Domain Scan URL

URL: https://kurioz.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Курьезы: смешные истории

Search URL Search Domain Scan URL

URL: https://vkusnopoedim.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ВКУСНО ПОЕДИМ!

Search URL Search Domain Scan URL

URL: https://turizm.mirvokrugnas.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Туризм и отдых

Search URL Search Domain Scan URL

URL: https://vseonauke.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Наука и техника

Search URL Search Domain Scan URL

URL: https://klubstroitelei.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Строительство и ремонт

Search URL Search Domain Scan URL

URL: https://otnosheniya.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ОТНОШЕНИЯ

Search URL Search Domain Scan URL

URL: https://koleso.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Четыре колеса

Search URL Search Domain Scan URL

URL: https://jumor.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ОБОРЖАКА

Search URL Search Domain Scan URL

URL: https://formulazdorovya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: КРАСОТА И ЗДОРОВЬЕ

Search URL Search Domain Scan URL

URL: https://svoimi.rukami.klubokidei.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Своими Руками

Search URL Search Domain Scan URL

URL: https://samodelkinoblog.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: СДЕЛАЙ САМ!

Search URL Search Domain Scan URL

URL: https://pomogaemkompu.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Компьютерная помощь

Search URL Search Domain Scan URL

URL: https://nashideti.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Наши дети

Search URL Search Domain Scan URL

URL: https://omode.info/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Мода

Search URL Search Domain Scan URL

URL: https://obiskusstve.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Искусство

Search URL Search Domain Scan URL

URL: https://drive.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: АВТОБЛОГ

Search URL Search Domain Scan URL

URL: https://formulakrasoty.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: КРАСОТА

Search URL Search Domain Scan URL

URL: https://klubokidei.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Очумелые ручки

Search URL Search Domain Scan URL

URL: https://moyadacha.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ОГОРОД БЕЗ ХЛОПОТ

Search URL Search Domain Scan URL

URL: https://prigotovimvkusno.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Любимые рецепты

Search URL Search Domain Scan URL

URL: https://udivitelnoe.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: УДИВИТЕЛЬНОЕ

Search URL Search Domain Scan URL

URL: https://umoritelno.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Уморительно

Search URL Search Domain Scan URL

URL: https://jumornoj.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Отдыхаем с юмором

Search URL Search Domain Scan URL

URL: https://zakon.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Человек и Закон

Search URL Search Domain Scan URL

URL: https://mistika.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: МИСТИКА В ЖИЗНИ

Search URL Search Domain Scan URL

URL: https://kredit.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Кредитные истории

Search URL Search Domain Scan URL

URL: https://news.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: ЛЕНТА НОВОСТЕЙ

Search URL Search Domain Scan URL

URL: https://religiya.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: РЕЛИГИЯ

Search URL Search Domain Scan URL

URL: https://politika.temadnya.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Новости Политики

Search URL Search Domain Scan URL

URL: https://goroskop.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Гороскоп дня

Search URL Search Domain Scan URL

URL: https://golovolomka.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Головоломка дня

Search URL Search Domain Scan URL

URL: https://spletnik.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Звёздный сплетник

Search URL Search Domain Scan URL

URL: https://narodmed.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Народные рецепты

Search URL Search Domain Scan URL

URL: https://test.temaretik.com/profile/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?next=/
Title: Тест дня

Search URL Search Domain Scan URL

URL: https://jumor.temaretik.com/2447127623397279923/30-sluchaev-kogda-lyudi-dumali-chto-u-nih-net-kota-no-vot-zhe-on/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 30 случаев, когда люди думали, что у них нет кота, но вот же он Когда-нибудь просыпались от странного шума в вашей квартире? Слышали чужое мяуканье под окном? Находили следы от лап в вашей комнате? Не переживайте, ... 496 1 Ирина

Search URL Search Domain Scan URL

URL: https://nashideti.temaretik.com/2449551443287083621/roditeli-delyatsya-snimkami-zhizni-do-i-posle-rozhdeniya-detej/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Родители делятся снимками жизни до и после рождения детей Дети — одна из величайших радостей в жизни. В Instagram-аккаунте GotToddlered показывают темную, но веселую реальность того, что происходит, когда дет... 438 3 Карина

Search URL Search Domain Scan URL

URL: https://koleso.temaretik.com/2447982875624868371/7-samyh-malenkih-vnedorozhnikov-kotorye-slomayut-shablon/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 7 самых маленьких внедорожников, которые сломают шаблон Укоренилось мнение, что внедорожник – это, что-то очень большое и мощное, способное с легкостью преодолевать даже самые тяжелые участки пути. Во много... 389 0 Роман

Search URL Search Domain Scan URL

URL: https://moyadacha.temaretik.com/2447083704777181336/uhod-za-smorodinoj-vesnoj---kak-pravilno-obrezat-podkormit-i-obrabotat-kusty/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Уход за смородиной весной – как правильно обрезать, подкормить и обработать кусты Смородина не слишком прихотлива. Но все же не стоит забывать о кустарнике, иначе урожайность начнет снижаться, а ягоды – мельчать. Поэтому найдите вре... 440 0 Александр

Search URL Search Domain Scan URL

URL: https://udivitelnoe.temaretik.com/2449528342291941979/neveroyatnye-i-udivitelnye-fakty-o-evrope/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Невероятные и удивительные факты о Европе Европа – дом для множества культур и национальностей. С этим континентом связано немало удивительных фактов, которые будет интересно узнать как местны... 459 2 Карина

Search URL Search Domain Scan URL

URL: https://cccp.temadnya.com/2447139762480613567/7-poleznyh-privychek-sovetskoj-epohi-kotorye-stoit-vspomnit-sovremennomu-pokoleniyu/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 7 полезных привычек советской эпохи, которые стоит вспомнить современному поколению Поговорим о тех вещах, которые не мешало бы вспомнить современному обществу и вновь взять на вооружение. Посещать пункты приема стеклянной посуды (бут... 326 2 Назар

Search URL Search Domain Scan URL

URL: https://vkusnopoedim.temaretik.com/2449540228394519137/10-variantov-humusa/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 10 вариантов хумуса Так как основной компонент хумуса — горох нут, эта холодная закуска богата растительным белком, клетчаткой, железом, марганцем, триптофаном, витаминам... 485 0 Вайке

Search URL Search Domain Scan URL

URL: https://religiya.temaretik.com/2447233479037946111/velikomuchenitsa-varvara-hramy-i-ikony-nazvannye-v-ee-chest/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Великомученица Варвара: храмы и иконы, названные в ее честь Невозможно представить себе историю православия без присутствия в ней святых. Мужчины и женщины, старцы и совсем еще дети - великие страдальцы за Веру... 377 0 Ирина

Search URL Search Domain Scan URL

URL: https://svoimi.rukami.klubokidei.com/2447921424636316104/17-praktichnyh-idej-kak-sdelat-kryltso-privlekatelnym-i-pri-etom-ne-razoritsya/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 17 практичных идей, как сделать крыльцо привлекательным и при этом не разориться Крыльцо – визитная карточка любого дома, поэтому при завершении строительства ему уделяют особое внимание. А если это старое строение, то каждый домов... 419 0 Карина Рой

Search URL Search Domain Scan URL

URL: https://umoritelno.com/2447965431389751791/25-smeshnyh-obyavleniya-v-nashih-avtobusah/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 25 смешных объявления в наших автобусах Смешных случаев в маршрутках хватает! Итак, в этом выпуске «новостей» самые интересные, позитивные, смешные, забавные и прочие объявления в наших марш... 508 1 Мария

Search URL Search Domain Scan URL

URL: https://narodmed.temaretik.com/2449569813782596206/aloe-dlya-immuniteta---udarnaya-sila-narodnoj-meditsiny/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Алоэ для иммунитета — ударная сила народной медицины Рецепты с алоэ для иммунитета пользуются немалой популярностью ввиду своей простоты и действенности. Иммунитет — мощный механизм, способный самостояте... 495 1 Вайке

Search URL Search Domain Scan URL

URL: https://turizm.mirvokrugnas.com/2447200501469284578/samye-izvestnye-dostoprimechatelnosti-mira-goryachaya-dvadtsatka/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Самые известные достопримечательности мира: горячая двадцатка Путешественники со всего мира постоянно находятся в поисках вдохновения для новых маршрутов. Составить список интересных мест может быть непросто, вед... 398 1 Назар

Search URL Search Domain Scan URL

URL: https://otnosheniya.temaretik.com/2447210471121750252/svobodnye-otnosheniya-chto-eto-i-kto-na-nih-soglashaetsya/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Свободные отношения: что это и кто на них соглашается Тема открытых отношений буквально напичкана социальными табу и стереотипами. Традиционные взгляды на семью и добрачные союзы предполагают наличие верн... 374 2 Ирина

Search URL Search Domain Scan URL

URL: https://omode.info/2449525569361283673/modnye-dzhinsy-slouchi-2022-kak-nosit-stilno-topovye-obrazy/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Модные джинсы слоучи 2022. Как носить стильно. Топовые образы Удобные, не сковывающие движения джинсы mom постепенно трансформировались в еще более свободные и развязные slouchy. Джинсы слоучи (от англ. slouchy —... 711 1 Карина

Search URL Search Domain Scan URL

URL: https://samodelkinoblog.com/2447240565763606795/restavratsiya-mebeli-svoimi-rukami-komod-obityj-tkanyu/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Реставрация мебели своими руками: комод, обитый тканью Не секрет, что со временем интерьер квартир требует обновления. Переклеиваются обои, выравниваются и красятся стены, меняется покрытие пола и т.д. А ч... 396 0 Александр

Search URL Search Domain Scan URL

URL: https://interesnosti.com/2447863655059949940/10-porazhayuschih-voobrazhenie-faktov-o-velikom-zavoevatele-chingishane/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 10 поражающих воображение фактов о великом завоевателе Чингисхане Слава завоевателя не достаётся просто так. Чингисхан был не просто жестоким, а очень жестоким человеком. В течение 30 лет монгольская орда под предвод... 680 4 Марина

Search URL Search Domain Scan URL

URL: https://sreda.temadnya.com/2447182346248521939/kakie-sekrety-hranit-pamyatnik-bitve-narodov-v-lejptsige-i-kto-ego-tainstvennye-hraniteli/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Какие секреты хранит Памятник Битве Народов в Лейпциге, и кто его таинственные Хр... В октябре 1813 года в германском городе Лейпциге произошло историческое сражение. Закончилось оно, наверное, самым сокрушительным поражением грозного ... 463 0 Александр

Search URL Search Domain Scan URL

URL: https://uiutvdome.com/2447868367272413567/prekrasnaya-skandinavskaya-kvartira-s-zagorodnym-nastroeniem-v-geteborge/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: Прекрасная скандинавская квартира с загородным настроением в Гетеборге Эта квартира находится на окраине шведского города Гетеборг, в невысоком традиционном скандинавском доме, поэтому ее интерьеры пропитаны атмосферой за... 634 1 Роман

Search URL Search Domain Scan URL

URL: https://drive.temaretik.com/2447148300342921417/7-vazhnyh-otverstij-v-avtomobile-za-chistotoj-kotoryh-zabyvayut-sledit-mnogie-voditeli/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=play&utm_medium=self&utm_campaign=701M500F
Title: 7 важных отверстий в автомобиле, за чистотой которых забывают следить многие води... С каждым годом на просторах бывшего СССР становится все больше автомобилистов. К сожалению, далеко не всем тонкостям «обращения» с машиной молодых вод... 567 0 Александр

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lapyhvost.umoritelno.com/play/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore HTTP 302
https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://mc.yandex.ru/watch/40529995?wmode=7&page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afp%3A3587%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A387688095137%3Ahid%3A768259917%3Az%3A0%3Ai%3A20220404150152%3Aet%3A1649084513%3Ac%3A1%3Arn%3A262678363%3Arqn%3A1%3Au%3A164908451319490503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649084508576%3Anp%3ATGludXggeDg2XzY0%3Ads%3A0%2C0%2C3281%2C39%2C147%2C145%2C1%2C88%2C0%2C%2C%2C%2C3556%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649084513%3At%3A%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/40529995/1?wmode=7&page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afp%3A3587%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A387688095137%3Ahid%3A768259917%3Az%3A0%3Ai%3A20220404150152%3Aet%3A1649084513%3Ac%3A1%3Arn%3A262678363%3Arqn%3A1%3Au%3A164908451319490503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649084508576%3Anp%3ATGludXggeDg2XzY0%3Ads%3A0%2C0%2C3281%2C39%2C147%2C145%2C1%2C88%2C0%2C%2C%2C%2C3556%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649084513%3At%3A%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 102

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfps-C2wEQsAkYsAkyCDH2u76nni_Q HTTP 301
https://tpc.googlesyndication.com/simgad/12581545980791877918

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

135 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lapyhvost.umoritelno.com/play/
Redirect Chain

https://lapyhvost.umoritelno.com/play/2444523742653579688/10542f6a0790529d0f4f5e943f97f4c4e9b8d1fa/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

142 KB
23 KB

3282ms
3280ms

Document
text/html

88.99.235.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.99.235.232 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-99-235-232.clients.your-server.de

Software

nginx /

Resource Hash

0ee20f1cf0177a313bccb0ff55a3cc99ffb6e3308e4ddc73137fade62acd4c02

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: fr-FR,fr;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 15:01:51 GMT
server: nginx
vary: Accept-Encoding Cookie
x-frame-options: SAMEORIGIN

Redirect headers

content-type: text/html; charset=utf-8
date: Mon, 04 Apr 2022 15:01:48 GMT
location: /play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
server: nginx
vary: Cookie
x-frame-options: SAMEORIGIN

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 128ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46a78baa250f346d31e2645ec7c1b98232da8eeeba13839590dd8754c7fc6d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54001
x-xss-protection: 0
server: cafe
etag: 1183441482957478352
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 15:01:52 GMT

GET
H2 200 default-avatar.svg
lapyhvost.umoritelno.com/static/generic/img/ 815 B
676 B 28ms
26ms Image
image/svg+xml 88.99.235.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lapyhvost.umoritelno.com/static/generic/img/default-avatar.svg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.235.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-235-232.clients.your-server.de
Software: nginx /
Resource Hash: 1e1e5b651497b9fd2b2b3e656304cd4dbcfc599f462c7b6547afea80a37a9097

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:22:21 GMT
server: nginx
etag: "6187e11d-1e4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15638400
content-length: 484
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/4E/1F/2447127569614767467/ 27 KB
27 KB 114ms
30ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/4E/1F/2447127569614767467/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 4d14f21da9859eec0db2b526e7234113e5146d29cffc341a304bf2b8ffc7ff39

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 27587
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/42/09/2449551435942593559/ 19 KB
19 KB 118ms
26ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/42/09/2449551435942593559/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 8a228287c3a2453dbf3cf6e9a4f68625f0fa554feb83fa72be7e499d583e7ddd

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 19405
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/B5/84/1928990433500202343/ 21 KB
21 KB 166ms
82ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/B5/84/1928990433500202343/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 664cc31258a5f70f13beb281f6cd3bd5cd1eb677abe83692f394d829bac58081

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 21732
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/61/D5/1652692231055476307/ 18 KB
18 KB 175ms
84ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/61/D5/1652692231055476307/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: ea4bebeeb715765cfa422e5cd00a323b4eb1280acb5e982791a8fc518cd53401

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 18502
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/9D/8C/1818033753371182943/ 14 KB
15 KB 175ms
84ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/9D/8C/1818033753371182943/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 495896fbac77cecb08527fd2b641a1bc125db3a64ade6c87112db81b4dcf1587

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 14719
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/6E/E8/2449528334810613678/ 17 KB
17 KB 176ms
85ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/6E/E8/2449528334810613678/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: b3d9125e9682c535190f6427ecdf078a1444bd9cdd4403fd6f1897be8538b3e2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 17232
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/C7/F8/2110237619844286368/ 22 KB
23 KB 176ms
85ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/C7/F8/2110237619844286368/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 0d912597cca069897ac3b707047552ea856b061f1cebec2da40ae11fb4670005

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 22929
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/4F/AC/1349251864181081485/ 15 KB
15 KB 176ms
85ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/4F/AC/1349251864181081485/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 9b4306d173fb23076c0207f66618a237b08417638033327e68239709a6ffb275

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 14868
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/0E/58/1395560282574030004/ 20 KB
20 KB 56ms
52ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/0E/58/1395560282574030004/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 322cc07549b9c1f2a218d96eca745e2c58676bc428498089bd3b6e2c60e53d6f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 20785
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/C2/D2/1732467605940209035/ 26 KB
26 KB 57ms
53ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/C2/D2/1732467605940209035/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 6de747b612b6c3478f08217489c2bced616eda1619378e58aaeb1baf6060d10b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 26328
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/5A/34/2447965418969630675/ 14 KB
14 KB 83ms
79ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/5A/34/2447965418969630675/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 4cba57f5d13e55db9bf2a13cf21790b84f3a2fe3982f02ddfebb157222c594d2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 14420
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/7E/4C/1168808330571810366/ 11 KB
11 KB 169ms
87ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/7E/4C/1168808330571810366/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 328dc3527a4aa3179572690ce4a6ae7caf51d064350efa1d8261f5fa2e3a93f4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 11413
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/29/42/2128383592474608692/ 20 KB
20 KB 31ms
27ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/29/42/2128383592474608692/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: b67f4feb236cbebdaf924c18e72e23ec11d33054d38cd39be2346a74bf74e1c7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 20028
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/64/43/2447210333044475666/ 21 KB
21 KB 83ms
79ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/64/43/2447210333044475666/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: fb97e481d47b0d6803673b258253c94ea9563e6a640c328b60a7795557f9f5de

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 21787
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/63/2D/2449525566440736660/ 42 KB
42 KB 47ms
43ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/63/2D/2449525566440736660/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 4fae2e6f4835c49008842bf7b9786e485c8a2eee44b7774bf55f3623c628b7c4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 43013
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/6C/CC/677341862122226995/ 14 KB
14 KB 73ms
69ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/6C/CC/677341862122226995/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: f31f02860c3e7a7d9909977f03a0a30fc9741364c45905e70ab8b390d8b06882

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 14485
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
3.404content.com/resize/350x-/1/CE/5D/970967661230425595/ 20 KB
20 KB 73ms
69ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3.404content.com/resize/350x-/1/CE/5D/970967661230425595/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: ff3695620e701d5a8af4e2d0ef3b154c121b1066c6bcd26b1d2e221183b9281f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 20809
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/1B/47/2447182049093092866/ 16 KB
16 KB 84ms
80ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/1B/47/2447182049093092866/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 539eaeb2cf20e8e784fe84385967f228e4f32b022392f33916a5344d2422daa3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 16509
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/7B/0B/1694264663396582599/ 13 KB
13 KB 94ms
90ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/7B/0B/1694264663396582599/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 682a27c8dcbca6bbe90dd495c7b7f59a679b7cf65b75779c3347f0d461978fe8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 13495
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 fullsize.jpg
4.404content.com/resize/350x-/1/31/A1/1642850015161353442/ 14 KB
14 KB 94ms
90ms Image
image/jpeg 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4.404content.com/resize/350x-/1/31/A1/1642850015161353442/fullsize.jpg
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 8e9c5cf520be64276c966421edb55cca7f507f6d23b8bed2891c88bf04a324fc

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
cache-control: max-age=15638400
server: nginx
content-type: image/JPEG
content-length: 13853
expires: Sun, 02 Oct 2022 15:01:52 GMT

GET
H2 200 bootstrap-1f4471ed.js Show response
const.404content.com/static/mini/js/ 533 KB
142 KB 74ms
70ms Script
application/javascript 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/js/bootstrap-1f4471ed.js
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: c40c013113a3419e41a98de2f12c52d07139be146d2698a53945a9fa22953fcc

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:25:06 GMT
server: nginx
etag: W/"6187e1c2-855b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Thu, 29 Sep 2022 03:12:42 GMT

GET
DATA 200
OK truncated
/ 0
0 Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Origin: https://lapyhvost.umoritelno.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 pt-sans.woff2-cd9718e0.css Show response
const.404content.com/static/mini/css/ 67 KB
51 KB 101ms
27ms XHR
text/css 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/css/pt-sans.woff2-cd9718e0.css
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 54eaf3cb4a9e60bad19087c748aba4049540fb31972fc75598af50da68da17c6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:22:46 GMT
server: nginx
etag: W/"6187e136-10c27"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Sat, 01 Oct 2022 19:31:44 GMT

GET
H2 200 common--min-3af8b686.css
const.404content.com/static/mini/css/ 56 KB
11 KB 73ms
69ms Stylesheet
text/css 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/css/common--min-3af8b686.css
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 7120295dd77c4dd5e09022597f795af2ab904adbf1e02d55ccadc04192edd3a5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:23:14 GMT
server: nginx
etag: W/"6187e152-dea4"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Tue, 27 Sep 2022 04:04:00 GMT

GET
H2 200 authorized_only--min-fbf032d7.css
const.404content.com/static/mini/css/ 6 KB
1 KB 73ms
70ms Stylesheet
text/css 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/css/authorized_only--min-fbf032d7.css
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 54c429a85c8316ee8d082f2d2ef6f05e686c25ca2c3657898d4e8a0df2ac8bd6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:24:10 GMT
server: nginx
etag: W/"6187e18a-17b2"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Sat, 01 Oct 2022 19:36:30 GMT

GET
H2 200 b-sample--min-83a7301f.css
const.404content.com/static/mini/post/css/ 10 KB
2 KB 74ms
70ms Stylesheet
text/css 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/post/css/b-sample--min-83a7301f.css
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 124657a436db6632f8a42856208e34a14674d7d54ce2d43b000fd8694e08117a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:22:51 GMT
server: nginx
etag: W/"6187e13b-27f2"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Thu, 29 Sep 2022 03:13:14 GMT

GET
H2 200 postlist--min-96578f25.css
const.404content.com/static/mini/post/css/ 13 KB
3 KB 74ms
70ms Stylesheet
text/css 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/post/css/postlist--min-96578f25.css
Requested by: Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 5e8d44a36722fc680c1c53fb10e3dade5e8913d3fb2b9560d46ed5bd9f5d4d91

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:24:07 GMT
server: nginx
etag: W/"6187e187-3260"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Thu, 29 Sep 2022 03:11:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3426
date: Mon, 04 Apr 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Apr 2022 16:04:46 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 250ms
126ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

828f5bfa31ddabad32bc2564a7cb86a56263116ede3f4c25c56898ce12306a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: br
last-modified: Fri, 01 Apr 2022 11:13:49 GMT
etag: "6246b43d-c50f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50447
expires: Mon, 04 Apr 2022 16:01:52 GMT

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13798e11a444d10b7c2f3c9b93a30dfbd918f2251840ec4307a0a1c8f6a66fc7

Request headers

Referer
Origin: https://lapyhvost.umoritelno.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 282d77e6c634638332166f43c391c8969d16d2a3d4bfb085c1304646ef3c87e5

Request headers

Referer
Origin: https://lapyhvost.umoritelno.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 301 KB
108 KB 68ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9668135093076166&plah=lapyhvost.umoritelno.com&bust=31065972

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

651dfe42114ec91ccb8c752a7b553983cf96e26df02411a49cddcf734fc61a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110221
x-xss-protection: 0
server: cafe
etag: 14539397045447039586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 15:01:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame FD7F 10 KB
5 KB 105ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 55971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:29:01 GMT
etag: 4044455266028820542
expires: Sun, 17 Apr 2022 23:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 124 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 505cbd0716a0f66f4db02c3b1ea6cede6a18b024ac940375d174d4021730b3e3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 417 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be7c2a0cb929fe52a3d8f6e02805722a918125c0adcfebe205c24bc2f6e1d7a5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=uft8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 73ms
38ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1862854560&t=pageview&_s=1&dl=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&ul=en-us&de=UTF-8&dt=%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1829322875&gjid=1829983197&cid=67210035.1649084513&tid=UA-53910010-1&_gid=994743946.1649084513&_r=1&_slc=1&z=951972712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lapyhvost.umoritelno.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lapyhvost.umoritelno.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common-57225e11.js Show response
const.404content.com/static/mini/js/ 33 KB
10 KB 52ms
52ms Script
application/javascript 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/js/common-57225e11.js
Requested by: Host: const.404content.com
URL: https://const.404content.com/static/mini/js/bootstrap-1f4471ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: c19cd8416e316dff9f830cda80f5695a9eca4f0ee1dc2d9a39043472a10dfa74

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:23:37 GMT
server: nginx
etag: W/"6187e169-834c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Sat, 01 Oct 2022 19:31:33 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 108ms
37ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lapyhvost.umoritelno.com&callback=_gfp_s_&client=ca-pub-9668135093076166

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9668135093076166&plah=lapyhvost.umoritelno.com&bust=31065972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b1b5ccfc566910226684a5bf413fcbb3088ae6c6d7e8a698539bfb8eaa53f051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 110ms
38ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=lapyhvost.umoritelno.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 104ms
33ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lapyhvost.umoritelno.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&tn=HEADER&cls=b-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F995 166 KB
40 KB 468ms
426ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&adk=1136080928&adf=855197701&lmt=1649084512&plaf=1%3A1&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&fba=1&format=0x0&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512270&bpp=4&bdt=264&idt=320&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6941332962468&frm=20&pv=2&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2827128055b8797756fb5b20ed06908f26125bfb59cb76f6621d9568b00d6f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40853
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:53 GMT
expires: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/40529995/
Redirect Chain

https://mc.yandex.ru/watch/40529995?wmode=7&page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&cha...
https://mc.yandex.ru/watch/40529995/1?wmode=7&page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&c...

338 B
420 B

64ms
62ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/40529995/1?wmode=7&page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afp%3A3587%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A387688095137%3Ahid%3A768259917%3Az%3A0%3Ai%3A20220404150152%3Aet%3A1649084513%3Ac%3A1%3Arn%3A262678363%3Arqn%3A1%3Au%3A164908451319490503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649084508576%3Anp%3ATGludXggeDg2XzY0%3Ads%3A0%2C0%2C3281%2C39%2C147%2C145%2C1%2C88%2C0%2C%2C%2C%2C3556%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649084513%3At%3A%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

75e8527b6d0291969750ec04c3b465b64edc0e0d48ed82444d4c9a2fb68a0bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 04-Apr-2022 15:01:52 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lapyhvost.umoritelno.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 04-Apr-2022 15:01:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:52 GMT
last-modified: Mon, 04-Apr-2022 15:01:52 GMT
location: /watch/40529995/1?wmode=7&page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afp%3A3587%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A387688095137%3Ahid%3A768259917%3Az%3A0%3Ai%3A20220404150152%3Aet%3A1649084513%3Ac%3A1%3Arn%3A262678363%3Arqn%3A1%3Au%3A164908451319490503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1649084508576%3Anp%3ATGludXggeDg2XzY0%3Ads%3A0%2C0%2C3281%2C39%2C147%2C145%2C1%2C88%2C0%2C%2C%2C%2C3556%3Aco%3A0%3Arqnl%3A1%3Ast%3A1649084513%3At%3A%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://lapyhvost.umoritelno.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 04-Apr-2022 15:01:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 78ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53910010-1&cid=67210035.1649084513&jid=1829322875&gjid=1829983197&_gid=994743946.1649084513&_u=IEBAAEAAAAAAAC~&z=1434151082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lapyhvost.umoritelno.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Apr 2022 15:01:52 GMT
content-type: text/plain
access-control-allow-origin: https://lapyhvost.umoritelno.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF9E 99 KB
33 KB 372ms
369ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6516699988&adk=339622755&adf=1193357146&pi=t.ma~as.6516699988&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512274&bpp=2&bdt=267&idt=440&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5qRVgjl39&p=https%3A//lapyhvost.umoritelno.com&dtd=465

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa36c8643cbacb9a8b31d3547fc027a18f229ee239ebaef81b6f0337c831072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33987
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:53 GMT
expires: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 64ms
64ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
last-modified: Fri, 01 Apr 2022 11:13:49 GMT
etag: "6246b43d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 04 Apr 2022 16:01:52 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C17C 100 KB
33 KB 366ms
365ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=9914447537&adk=2578498551&adf=3052770552&pi=t.ma~as.9914447537&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512276&bpp=2&bdt=269&idt=480&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TYUGlKsOXV&p=https%3A//lapyhvost.umoritelno.com&dtd=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fccb540fa2578d8871879fd63a372a7c9072f5f2dd6a2591d34925df976cd69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:53 GMT
expires: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1944 101 KB
33 KB 380ms
379ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ff6d5466868799cb35c0e53f211d9d2bb38e46ca19626f1759e53cbb9d72eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33577
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:53 GMT
expires: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50F7 74 KB
29 KB 314ms
311ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=2194311591&adk=3515028783&adf=3773213945&pi=t.ma~as.2194311591&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512279&bpp=2&bdt=273&idt=497&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=O1mGpUz6dH&p=https%3A//lapyhvost.umoritelno.com&dtd=501

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b64e56a90871557a81887b4a20d7067540fcbab74e5a9cd4adfc28b4c6f1a5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29893
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:53 GMT
expires: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 post_list-ca10fbef.js Show response
const.404content.com/static/mini/post/js/ 5 KB
2 KB 70ms
67ms Script
application/javascript 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/post/js/post_list-ca10fbef.js
Requested by: Host: const.404content.com
URL: https://const.404content.com/static/mini/js/bootstrap-1f4471ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: a9f89fadc3e35a300a7f6a07ee80f48e362fb3645ba2a0c3fe1f0c68e0e850e5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:25:02 GMT
server: nginx
etag: W/"6187e1be-132a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Tue, 27 Sep 2022 04:05:25 GMT

GET
H2 200 router-a11963c7.js Show response
const.404content.com/static/mini/js/ 2 KB
948 B 69ms
67ms Script
application/javascript 88.99.71.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://const.404content.com/static/mini/js/router-a11963c7.js
Requested by: Host: const.404content.com
URL: https://const.404content.com/static/mini/js/bootstrap-1f4471ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.71.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.71.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 655090477482a06f326789dddbaf173a4c2322e704a41b3479857ffb3c9693f6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:52 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 14:23:32 GMT
server: nginx
etag: W/"6187e164-66d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15638400
expires: Tue, 27 Sep 2022 04:05:25 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CF9 75 KB
30 KB 413ms
410ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=8854378272&adk=1213828409&adf=3312662771&pi=t.ma~as.8854378272&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512281&bpp=4&bdt=274&idt=507&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93e7cf204b49adfb-222cf1266dcd00e3%3AT%3D1649084512%3ART%3D1649084512%3AS%3DALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA&prev_fmts=0x0%2C730x280%2C730x280%2C730x280%2C350x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ahqiTJhIaL&p=https%3A//lapyhvost.umoritelno.com&dtd=513

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de838356d11d2b5818b8f112e7ea81785e580560b0e91676dfc056f819bb758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:53 GMT
expires: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5737679093724943144
tpc.googlesyndication.com/simgad/ Frame 50F7 38 KB
38 KB 173ms
104ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5737679093724943144?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk92hgD9YIfQ6RkqlNF1jg5hcoMHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=2194311591&adk=3515028783&adf=3773213945&pi=t.ma~as.2194311591&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512279&bpp=2&bdt=273&idt=497&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=O1mGpUz6dH&p=https%3A//lapyhvost.umoritelno.com&dtd=501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc8ab93761c100d840d1fdbd495f17994d56847c9c97d57e61599e3f5bff5f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 02:29:50 GMT
x-content-type-options: nosniff
age: 563523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39151
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 09:59:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 02:29:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 50F7 19 KB
8 KB 140ms
71ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 50F7 2 KB
1 KB 142ms
93ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:01:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50F7 119 KB
36 KB 171ms
121ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 50F7 15 KB
6 KB 129ms
80ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:58:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 50F7 29 KB
12 KB 169ms
120ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 06:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11953
x-xss-protection: 0
server: cafe
etag: 10221244845210318712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 06:58:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AF9E 8 KB
1 KB 101ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6516699988&adk=339622755&adf=1193357146&pi=t.ma~as.6516699988&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512274&bpp=2&bdt=267&idt=440&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5qRVgjl39&p=https%3A//lapyhvost.umoritelno.com&dtd=465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:37:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:01:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame AF9E 2 KB
957 B 152ms
86ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame AF9E 19 KB
8 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame AF9E 2 KB
1 KB 128ms
83ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:01:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF9E 119 KB
37 KB 108ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame AF9E 15 KB
6 KB 98ms
33ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:58:20 GMT

GET
H2 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame AF9E 29 KB
12 KB 122ms
27ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C17C 8 KB
965 B 122ms
59ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=9914447537&adk=2578498551&adf=3052770552&pi=t.ma~as.9914447537&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512276&bpp=2&bdt=269&idt=480&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TYUGlKsOXV&p=https%3A//lapyhvost.umoritelno.com&dtd=484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:34:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:01:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame C17C 2 KB
938 B 160ms
97ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame C17C 19 KB
8 KB 96ms
33ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame C17C 2 KB
1 KB 122ms
84ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:01:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C17C 119 KB
36 KB 158ms
95ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame C17C 15 KB
6 KB 118ms
58ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:58:20 GMT

GET
H2 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame C17C 29 KB
12 KB 120ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1944 2 KB
605 B 100ms
43ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 14:27:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:01:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1944 2 KB
938 B 154ms
97ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 1944 19 KB
8 KB 115ms
59ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1944 2 KB
1 KB 108ms
84ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:01:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1944 119 KB
36 KB 129ms
72ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1944 15 KB
6 KB 117ms
60ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:58:20 GMT

GET
H2 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame 1944 29 KB
12 KB 124ms
51ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H2 200 5737679093724943144
tpc.googlesyndication.com/simgad/ Frame 5CF9 38 KB
39 KB 154ms
99ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5737679093724943144?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk92hgD9YIfQ6RkqlNF1jg5hcoMHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=8854378272&adk=1213828409&adf=3312662771&pi=t.ma~as.8854378272&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512281&bpp=4&bdt=274&idt=507&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93e7cf204b49adfb-222cf1266dcd00e3%3AT%3D1649084512%3ART%3D1649084512%3AS%3DALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA&prev_fmts=0x0%2C730x280%2C730x280%2C730x280%2C350x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ahqiTJhIaL&p=https%3A//lapyhvost.umoritelno.com&dtd=513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc8ab93761c100d840d1fdbd495f17994d56847c9c97d57e61599e3f5bff5f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 02:29:50 GMT
x-content-type-options: nosniff
age: 563523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39151
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 09:59:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 02:29:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 5CF9 19 KB
8 KB 120ms
66ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5CF9 2 KB
1 KB 102ms
85ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:01:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CF9 119 KB
36 KB 121ms
102ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5CF9 15 KB
6 KB 89ms
72ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:58:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5CF9 0
0 117ms
37ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkQng3e4E-X8O5dcoEW9_VXGIMpknxBpqJ40i3gL2cEog9JLEwWIQyWabF8YVBb2YZLR-rM_mvIIIzkCWtMFEYT2h8fw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=8854378272&adk=1213828409&adf=3312662771&pi=t.ma~as.8854378272&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512281&bpp=4&bdt=274&idt=507&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93e7cf204b49adfb-222cf1266dcd00e3%3AT%3D1649084512%3ART%3D1649084512%3AS%3DALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA&prev_fmts=0x0%2C730x280%2C730x280%2C730x280%2C350x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ahqiTJhIaL&p=https%3A//lapyhvost.umoritelno.com&dtd=513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 5CF9 29 KB
12 KB 127ms
109ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 06:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11953
x-xss-protection: 0
server: cafe
etag: 10221244845210318712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 06:58:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50F7 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCiFRYAhLYrD8Ms-A78EP0sGE-AOY24qaacPAi93dD7WYoKbpLxABIOPzsRlg-wGgAZSz5K8CyAECqQIRY4ZOUXiyPqgDAcgDyQSqBOgBT9DC5xAKmokngyFmJDRrNb5TRiBmQzgzYWWKWk_icpn590iAh72UPw8JcLt4RyVyPyUjw8vovJ8zonxJ4bzw8Dg12VdnMYqSoCu4BDJEZPbWxqvpNysxHkDoyra-qkhFNioN_V_1HbE3k3RDJgnLm8oQyAxW6eGv6JLyFCvEPshYCwvNYrWau0RYP0JSDzRiNmzBIpEzr1tmTq9SbOO2KwIp4ddRAqRrPLib_vFgtDa7UoKtD_qlstX1E1NQFLzY-YODe1HwGpOPdCpfc2NWoqa7MduS_Pyf29qA4q97_l2U7Ln4lQaWgsAE68f1vYAEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6jmme4BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2JwN0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk2NjgxMzUwOTMwNzYxNjYYAA&sigh=iCjcQcDuGKM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=2194311591&adk=3515028783&adf=3773213945&pi=t.ma~as.2194311591&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512279&bpp=2&bdt=273&idt=497&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=O1mGpUz6dH&p=https%3A//lapyhvost.umoritelno.com&dtd=501
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF9E 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFkZ-YAhLYrL4MMjQ6wSU0q3ICcqoubxpgJzl68UPysDXrecOEAEg4_OxGWD7AaAB3K_SvQLIAQmoAwHIA8sEqgTlAU_QiKdSg6S8A1eS5BPIgOz18SeQrdqX7wzSHYekBh-pPuroWsvA648clwzIf2Nzj7jD-k6iX2_2_QiSB4_ScKMBg2-HXj8NuRqwwYXy9da8f3a4QANAN_FCZRwCo3Jv7M9Q2TrgYW_eKJWDKFaeCzk9qt-_CAwyE39KWDXpBaKNB5IR7EfqzZuVizD1_t_nLqMjguI_gXX6vEDjGehusNVK-HDP1Llwe_fnsWrc1Xb4CKbTM3-OaIEmtKbyBQCGniPJFS8MWUCOtLqmvuxsYsJ-zNR7tD6R2sHA1ENvUw8tFaziDlTABJLqiN_YA5IFBAgEGAGSBQQIBRgEoAYugAfriej0AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELixL9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTY2ODEzNTA5MzA3NjE2NhgA&sigh=tFgQllkNDe0&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6516699988&adk=339622755&adf=1193357146&pi=t.ma~as.6516699988&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512274&bpp=2&bdt=267&idt=440&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=L5qRVgjl39&p=https%3A//lapyhvost.umoritelno.com&dtd=465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C17C 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9mGoYAhLYq-wMtrG6wSF4qaYB8qoubxp7PGzhasPloLNhYgWEAEg4_OxGWD7AaAB3K_SvQLIAQmoAwHIA8sEqgTrAU_QWB6ZXGu72k_mncUeo7pyNtxLkmO5MXr9VZVb4Jyvy4rEOS5qAhRoImZz3InSbs9L3PKU1ENLD3et4IOYahZWzI5h2R3Wpusb6k-J8RA8kWdMX0eEDxePTy1WmNjd_shm0cO5gsEj2GalOe0qbC67kBKqr8HhVYUgqLDwRia8Zqs8_d0mhpUkB8mxT-EgmJw9A9sOaWc3GjPQFwrojEq_AuD1X4BhtNrPTsZHm-n-J9xDQoPJrJdFxPWcO1W_7nB16FVFJYXbeLibnkrPaUQwUEVdmPKJSptJucMPbzYW96LKMKt0lmeN5pjABJLqiN_YA5IFBAgEGAGSBQQIBRgEoAYugAfriej0AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELS2R9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTY2ODEzNTA5MzA3NjE2NhgA&sigh=bL41sYfX4Hc&uach_m=[UACH]&cid=CAQSGwCNIrLMR3V4C-IdqPSM61hmMSBH_KA7pQiVQRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=9914447537&adk=2578498551&adf=3052770552&pi=t.ma~as.9914447537&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512276&bpp=2&bdt=269&idt=480&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TYUGlKsOXV&p=https%3A//lapyhvost.umoritelno.com&dtd=484
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1944 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsBNcYAhLYueBMomL6wTT16CoBpzCma1p5OGl480Onf_bwZwZEAEg4_OxGWD7AaABut-b-QPIAQmoAwHIA8sEqgThAU_Ql1YyrsYxGJQv-YD2nEcmjJ0TSDtoZdwOXFewhNL0PyYmG9nHkfdE28GyxYpgIsA9nrNhQJWkJfNHTYScgIDzS3hle1OB7d-Xc_EHf9v_UT257gbYuLSqdXzi-qCADe2AlrNGaORlIMQGea5PmePZTRkrT0qY0f9JRBN69cPkfVLgeOUUwkLP-Tu964rMGPVx7M5kMtqj3Pyy1XGxrGzAeod3xjcJtTvcCFJMXrCIZJTeRnCLT0TEP_bzTD5lmUqSqnhXcfNy3a9YnEzEUYvnWTxhb_kVl78hq9IjZNvUycAEpK22oesDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB82D-NIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENL2C9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NjY4MTM1MDkzMDc2MTY2GAA&sigh=E-mwK-SYplo&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CF9 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwgUvYAhLYp_4M4LA6gTtwqJgmNuKmmnDwIvd3Q-1mKCm6S8QASDj87EZYPsBoAGUs-SvAsgBAqkCAyEWYrd1sj6oAwHIA8kEqgTiAU_QoZvHFzm7PFHstslgkzlfONCTUMzXPNyVmZRWA36c70juviquG-DRxwHJ4BshI02mQmm9z9W-sGQHrYhQRDHC5CoP4GY7AMTMAv37CK1gVxG61B8gkIpkbr_Nb67dCtEqp8jcB2dWJ8erpsWQBlkUUid5rMI_6qgD2gOofXPWbbdxCMlKlF4mqSFpnYd6_YFXdSuGUx44E0-SEWnX-Z2uXP2bAQ-GXHru9ao4WrOgHaKiM6gUBvQMIKIeUKlxs60iUinSqmMjVjtC_-tGr-qj15iMkUhbP_IjkWBG_fHR9wbABOvH9b2ABJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeo5pnuAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKOEE9IICQiI4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NjY4MTM1MDkzMDc2MTY2GAA&sigh=Kclt227pYKI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=8854378272&adk=1213828409&adf=3312662771&pi=t.ma~as.8854378272&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512281&bpp=4&bdt=274&idt=507&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93e7cf204b49adfb-222cf1266dcd00e3%3AT%3D1649084512%3ART%3D1649084512%3AS%3DALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA&prev_fmts=0x0%2C730x280%2C730x280%2C730x280%2C350x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ahqiTJhIaL&p=https%3A//lapyhvost.umoritelno.com&dtd=513
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7646780825183979807/ Frame AF9E 21 KB
21 KB 119ms
112ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7646780825183979807/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfdd18b0b875f3e9f851e9e61028b339209920abf7a6ae69e4ae821b215ddc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 07:28:29 GMT
x-content-type-options: nosniff
age: 286404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21838
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 14:18:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Apr 2023 07:28:29 GMT

GET
DATA 200
OK truncated
/ Frame AF9E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AF9E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7646780825183979807/ Frame C17C 21 KB
21 KB 70ms
28ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7646780825183979807/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfdd18b0b875f3e9f851e9e61028b339209920abf7a6ae69e4ae821b215ddc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 07:28:29 GMT
x-content-type-options: nosniff
age: 286404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21838
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 14:18:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Apr 2023 07:28:29 GMT

GET
DATA 200
OK truncated
/ Frame C17C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C17C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1944 36 KB
36 KB 133ms
53ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQpnPHaRSm2ZN52mt3S3Ro8OW4jPqkn1nEDk0M001nvCV0jhbqORGZmslkVXw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de01f192b8f2140ed7eabcd409b3f7c2f41fc9d13f7e817939c1263c3bb3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 06:35:26 GMT
x-content-type-options: nosniff
age: 289587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36696
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 01:58:19 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Apr 2023 06:35:26 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1944 18 KB
19 KB 116ms
25ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSRBmrGxgJh-5sMHoR66alwVEDZOuBnAUiH6MnSQKafR0w1qjErSwufQCYZR5I&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7a0f7891d4d93080806decccaf3170c2d71e8ff424b88cc1d167c97bc2ebfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 00:31:00 GMT
x-content-type-options: nosniff
age: 311453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18584
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 01:13:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Apr 2023 00:31:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1944 40 KB
40 KB 101ms
25ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQBRsi_IkWUtFUz8bJ54503Xi7mZMgeyRD8IOnHHGzLXniPXSxS05r_I4oMQQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f5da0240262466616428a401b1f6be98d4dff5627d067fd41d54285b39dbbaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 06:35:49 GMT
x-content-type-options: nosniff
age: 30364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40622
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 02:08:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Apr 2023 06:35:49 GMT

GET
H3

200

12581545980791877918
tpc.googlesyndication.com/simgad/ Frame 1944
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCfps-C2wEQsAkYsAkyCDH2u76nni_Q
https://tpc.googlesyndication.com/simgad/12581545980791877918

26 KB
26 KB

27ms
26ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12581545980791877918

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5000d1608f5e881ffac0ce07543e784791f624a9384e0994d7816984f6d5210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 10:46:36 GMT
x-content-type-options: nosniff
age: 447317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26716
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:12:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Mar 2023 10:46:36 GMT

Redirect headers

date: Mon, 04 Apr 2022 10:58:02 GMT
x-content-type-options: nosniff
server: cafe
age: 14631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/12581545980791877918
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 May 2022 10:58:02 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 145 KB
51 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/reactive_library_fy2019.js?bust=31065972

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f033690e728772b9dcf7a2c008ac06c53aff16890656236dab471b047d5c2e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52634
x-xss-protection: 0
server: cafe
etag: 11910722317039832135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 15:01:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F3F7 143 B
163 B 27ms
25ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=8854378272&adk=1213828409&adf=3312662771&pi=t.ma~as.8854378272&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512281&bpp=4&bdt=274&idt=507&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93e7cf204b49adfb-222cf1266dcd00e3%3AT%3D1649084512%3ART%3D1649084512%3AS%3DALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA&prev_fmts=0x0%2C730x280%2C730x280%2C730x280%2C350x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ahqiTJhIaL&p=https%3A//lapyhvost.umoritelno.com&dtd=513
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 3279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 14:07:14 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 682C 143 B
163 B 26ms
26ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=2194311591&adk=3515028783&adf=3773213945&pi=t.ma~as.2194311591&w=350&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=350x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512279&bpp=2&bdt=273&idt=497&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=O1mGpUz6dH&p=https%3A//lapyhvost.umoritelno.com&dtd=501
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 3279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 14:07:14 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AF9E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e92936a018f8159c66be614ecd9e382f7dea44c6e202caa46e9da4f4cca9192f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C17C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 650fcd1f5f009ac84a666eda0b59eeda5cdbab29a26d3f43cf1b4a999a131f57

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1944 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0191f1989ab965fbf49db764ed9b2af5fe11e20512f9b515268943d28258cba6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 50F7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9547272d92be229eb20708eff36a3a3f453dcacb395cd85af6592efe66bb8f27

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 71ms
35ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=lapyhvost.umoritelno.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 69ms
34ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lapyhvost.umoritelno.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/ Frame 71E7 10 KB
4 KB 42ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 53783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 00:05:31 GMT
etag: 4044455266028820542
expires: Mon, 18 Apr 2022 00:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame AF9E 28 KB
28 KB 427ms
47ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 490457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:47:37 GMT

GET
DATA 200
OK truncated
/ Frame 5CF9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b155241dcdd64ba80ee82f5ae5defebcfdfb93a2ac33ce9caccf87a681df48ac

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame C17C 28 KB
28 KB 403ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 490457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:47:37 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 1944 20 KB
21 KB 365ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 415832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 30 Mar 2023 19:31:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F3F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

101ms
100ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 15:01:54 GMT
expires: Mon, 04 Apr 2022 15:01:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 15:01:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 682C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

181ms
180ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 15:01:54 GMT
expires: Mon, 04 Apr 2022 15:01:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 15:01:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 912B 35 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7ECB 35 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 71E7 8 KB
892 B 72ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:08:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 15:01:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 15:01:54 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 71E7 2 KB
904 B 24ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71E7 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4rkMYAhLYtKsLZa17_UP7pW1-AKDru28aemdw9OzCMCNtwEQASDj87EZYPsBoAHmw73jA8gBCakCAyEWYrd1sj6oAwHIA8sEqgTrAU_QvmbTdVYcdox-h6aMWVzsOQO_gEljiTyRlfVHC46z7UYMhPT2W4DdD2rv8-X0E0DFjYLsU2qDgfHqG2KbOaBQLMUxQGMJhnok4vxbUiDB4HJqfA3jmHDaZ26i4vKneShyKTTJ2Co_0K0AnV3l6k1tMIwCfu7Bf3rppCzTZhciZY7aJl4z2gcObJ0vJ7ehcd6f-pdTBWQPuEJt8_1DKr17lAMjN-FOthHim0_-LW5Jm-TAEayu8X4KRnTguYOA8lLjJ_L27orBXp-FSvHpktg7Sr95YiVEfB_BBWdNd4bqzsmpK8LuKDax9VvABLay3N7wAZIFBAgEGAGSBQQIBRgEoAYugAeCvMIcqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqJQD0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi05NjY4MTM1MDkzMDc2MTY2GAA&sigh=pnU6rrWxDA0&uach_m=[UACH]&template_id=5000

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 15:01:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 71E7 19 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:59:16 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 71E7 2 KB
1 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 15:01:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71E7 119 KB
36 KB 73ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 71E7 15 KB
6 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 14:58:20 GMT

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame 71E7 29 KB
12 KB 60ms
26ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7810608602906679468/ Frame 71E7 13 KB
13 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7810608602906679468/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc15fefed57181fe3e339cf1a406f2ccbb706470be99916bdbeeea0740fe5138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 11:29:37 GMT
x-content-type-options: nosniff
age: 99137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12930
x-xss-protection: 0
last-modified: Sun, 21 Oct 2018 16:51:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Apr 2023 11:29:37 GMT

GET
DATA 200
OK truncated
/ Frame 71E7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 71E7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 424F 35 KB
13 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9668135093076166&output=html&h=280&slotname=6330425747&adk=2387613486&adf=4021262257&pi=t.ma~as.6330425747&w=730&fwrn=4&fwrnh=100&lmt=1649084512&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F%3Futm_source%3Dgeneric%26utm_medium%3Demail%26utm_campaign%3Ddaily%26utm_content%3Dloadmore&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649084512278&bpp=1&bdt=272&idt=488&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280%2C730x280&nras=1&correlator=6941332962468&frm=20&pv=1&ga_vid=67210035.1649084513&ga_sid=1649084513&ga_hid=1862854560&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44760475%2C31065972%2C31066014&oid=2&pvsid=610320101975748&pem=485&tmod=296037587&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=gXZnATJ0fD&p=https%3A//lapyhvost.umoritelno.com&dtd=493

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 981B 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F01 35 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
DATA 200
OK truncated
/ Frame 71E7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd6d92e6b45a26ac1537149fb134eefdc2468ef352542e00eff8b04e9f35a3e5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame EF12 35 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: lapyhvost.umoritelno.com
URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 73ms
40ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

693f320b1aa7f6bbee35d8114258aebc163b9d8f78cdd289fe40b4da465fe298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 15:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10527
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CF9 42 B
64 B 85ms
59ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDzgykYCEC0q5ZQ5HCyovxUPaUjgZbCP7OZKxRRofjbXVgUQzgMNHqQrCI24dThlsdE9WjbqT-4YXjGFpJhPn9ComSWfpbRiDI-QQcawx2y7I1_Wqy4A&sai=AMfl-YSnkz1NAmhSNTd6oAVZAEa6lZuREAGkhBUuEzknRvama6e6xGAdbkXvIK2vBse_HXFHgvffPrICyT6VfoLSTVGgXT2KTSj8bWcV0-Qkn7LqAFkQzuAmCxzajR-ACz9I&sig=Cg0ArKJSzJtsPk-IURZrEAE&id=lidar2&mcvt=1235&p=0,7,280,343&mtos=1235,1235,1235,1235,1235&tos=1235,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1213828409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649084512796&rpt=882&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50F7 42 B
64 B 93ms
70ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgph7HDfCvIUdCcnnE4Ko_LJNmkpk60mgmismIH6W38bw7nsLrW1g_j1xxoX1sSEkozVkLUbmV6Q_LBNLOxMSYLUQqIaIJ6HKoZWFbCsM3PYGhqN4G3A&sai=AMfl-YQzpLhux5npXGMNTaPr1kKu2E_UHaB2H23lxbHZR4nYL-tT5irZ9paVNefZRNUoq_lPq-4iK-4WiaXh&sig=Cg0ArKJSzISEFGC4c8fzEAE&id=lidar2&mcvt=1239&p=0,7,280,343&mtos=1239,1239,1239,1239,1239&tos=1239,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3515028783&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649084512782&rpt=865&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 15:01:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF9E 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1HDCAkxcXP5KPbOWm-6q-Azknm61IonThRHSLMieipTWORqKbFDMkyZh06QeQysx4zEdv7y_fsEeZwcI-JA8jbhKASSFkaF1pc2J7fmAqJCkQKHpRlg&sai=AMfl-YQELNcWdnYnXQC1e5H_mABDrt4b-DoQ8im0lrmPKH0KKoGAqL_ZVxqu_RNydAmgxRtrZtmatjkQOqDm&sig=Cg0ArKJSzIgfP2lHwRWJEAE&id=lidar2&mcvt=1110&p=0,0,280,730&mtos=1110,1110,1110,1110,1110&tos=1110,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=339622755&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649084512742&rpt=1444&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C17C 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVucNu6eUzQ0Tg-XOUF3uowCZdCBt4Nhca2eOjWExhTr3xPYAtdrVMHNvphZ4H2tDOnIG-f7wwqRaCAsBB8tXdEpEsvduFRFd8WZ-jIjJCN2I4bikr_Q&sai=AMfl-YT4vPvXu-bunqVYxmuVZe30WRxyW8ncFwAc9-RSTf0tPugz8WYAgFZk0ehP42emj5ACzP9Ilx4lGnw3&sig=Cg0ArKJSzHVqsYjRZEhlEAE&cid=CAQSGwCNIrLMR3V4C-IdqPSM61hmMSBH_KA7pQiVQRgB&id=lidar2&mcvt=1066&p=0,0,280,730&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2578498551&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649084512762&rpt=1487&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B483 13 KB
5 KB 27ms
27ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 3894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 13:57:01 GMT
expires: Tue, 04 Apr 2023 13:57:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F4F 783 B
535 B 38ms
38ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76bbc876291b00bf6532ec3dbc385d98ca65c829f058528d9f381a0027d10f4f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZDhdRLkH8SLQiE2lNzkJLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ZDhdRLkH8SLQiE2lNzkJLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 15:01:55 GMT
expires: Mon, 04 Apr 2022 15:01:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F4F 0
0 87ms
87ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=610320101975748&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame B483 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:43:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 12:43:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B483 0
9 B 26ms
26ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t2Cy8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:01:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71E7 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstksJb9w1Tc7muanQdpA-ilbnPVxM9-GVAD3Kq2PInFr6YLrTWdq1e9dOlPEKpPrAoncTCdbdFOOBwQV8Oz2La0b5siVFYz5gzMJHsaykD0PdXyNaIWig&sai=AMfl-YS1uQBTVxD6AO2vN1GzIEZ230GeqPA-t7U5RJuiYRwAb8oZo8bWynPL3xl5qtXQPCzFnmSASoC4ye5v&sig=Cg0ArKJSzAGLVrMWVQhgEAE&id=lidar2&mcvt=1297&p=0,0,124,1005&mtos=943,1297,1297,1297,1297&tos=943,354,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1136080921&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649084513721&rpt=802&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:01:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
87ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220330&jk=610320101975748&bg=!CwilCEzNAAZku-1yRLs7ACkAdvg8WhroffKERYq1dKYpWjtiRSryjQl2EX3KkJEFES61sw_nhoHnRwIAAAHcUgAAABVoAQcKAE7vjYeV3zYSywTl4lejP8YpvBQb2QOALsWJWYHc-HBouTWgqmv7-2iUu4AU4OjmSkKSIqusqDCeBG0K59tK8vYLwN_MSrNt-wDs3IZUyHCZAvWnM0avvvC2qhE_hTl1i5gKrlhr8vTckYMjOp_s66TldHhLNjfleWNEYC_5gwdEso4ieeKlLtXDCio71_6tpN9hENtQkdwELgy6JINsWpZPnsiQ8UoEISf1h-Wfwg9qXZ4quqp77wgjD09I1Lo3EEjbG9B9pPM3uNJEkN_iVG7tUy7dMxfHPaJPqi96ZT4kS4Jjq0XBG2GBwAsddkgod2cM6QnHcpKxWduZfhS8UAIIMqw0irD5IbZYMEHcbeKggnLU0aSKeaG3LIVDhugsIrXlNARzWCls4920Ba-2xJ-QywS0cmzTVOYd1yA8eWO5FxaLv2HKbfzV_0Fj-iy5Bk4ALrYFEcocQXUCPBPFp7EfV76vKsdUP9FGw-TXBFwPPxQZAdkPS4lPhFfc0pyrxPjpJ-Hz9E7Knwme76A9Wr9tqGbXCp99jYJ-Ut0uhlnB42Ku7oH9i5vks6Sdr7_PvwEqVFz8wYlHaTblttkpoLxNl7E6-MsXrGsZ19znjWf887bQw4MMX2VJkqECH0h8G4p9mmMHlcp77FNTtrdntQ3fbqDb1shJkaXHvl9XfAn3Q2o6zpst2TepkjBFYclA2QWhRpDM0L0is77Gr3IGyEqaKrmXgJNS2cWtjtYJ4bptOL5KjaKvrrQip_UOS076Jr_9aJJF24m0r9xTUXXCugnP4AoS3VG3RjO4nfRXEdBLaUPfSwkYApHwAKEQ65jir2QxMcJvs4eye6eIXp5K608toMYadXxknSQTtjbD5dM_vQK5THFjyleYtj7FeA2TLwXbkYb0HUwByB56tmXAr8eBal6uiAK6V7TIXXZ3Vph4VZzUyeUCso3gbPVF20wcKokoNDOTSrlytFPwNrleUEsMj6PJihhsorTLTLubYW8qhUR-9hfMVUcjFxutxL11uy1PBz7VTzpgTlVkk0t_k7rp0H5E2aY-hKM3uymXQGj8t-xAFRUrz2x_Gg9U9hdnLt68sYUA8LhhuPG1OoqsQkDRwHu5A5Zq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

POST
H2 200 40529995
mc.yandex.ru/watch/ 43 B
145 B 70ms
65ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/40529995?page-url=https%3A%2F%2Flapyhvost.umoritelno.com%2Fplay%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A157%3Aar%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo3vd6jkbum%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A1%3Als%3A387688095137%3Ahid%3A768259917%3Az%3A0%3Ai%3A20220404150207%3Aet%3A1649084528%3Ac%3A1%3Arn%3A577740680%3Arqn%3A2%3Au%3A164908451319490503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1649084508576%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C6205%2C6205%2C142%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1649084528&t=gdpr(14)lt(153200)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://lapyhvost.umoritelno.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 15:02:07 GMT
last-modified: Mon, 04-Apr-2022 15:02:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://lapyhvost.umoritelno.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 04-Apr-2022 15:02:07 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lapyhvost.umoritelno.com/	1970-01-20 10:48:54	Name: csrftoken Value: T36vrhYTUvXas3pdah6qRTcX5HiNOzjm
lapyhvost.umoritelno.com/	1970-01-20 02:47:56	Name: sessionid Value: 9kcxjx57yg4zyn12klkmoi4hn94jnigh
lapyhvost.umoritelno.com/	1970-01-20 02:47:56	Name: userid Value: 2444523742653579688
.umoritelno.com/	1970-01-20 19:35:56	Name: _ga Value: GA1.2.67210035.1649084513
.umoritelno.com/	1970-01-20 02:06:10	Name: _gid Value: GA1.2.994743946.1649084513
.umoritelno.com/	1970-01-20 02:04:44	Name: _gat Value: 1
.umoritelno.com/	1970-01-20 10:50:20	Name: _ym_uid Value: 164908451319490503
.umoritelno.com/	1970-01-20 10:50:20	Name: _ym_d Value: 1649084513
.yandex.ru/	1970-01-20 10:50:20	Name: yandexuid Value: 8620966661649084512
.yandex.ru/	1970-01-20 10:50:20	Name: yuidss Value: 8620966661649084512
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1712376691649084512
.yandex.ru/	1970-01-23 17:40:44	Name: i Value: 8v9Hn66Xur4+A30WIL40JgiqiPLfAPWWGi//X2C3CVwBJR3Dm+aTbIM710VtT6cEoZebLzplVd9DccynxZa6Ma9OXRU=
.yandex.ru/	1970-01-20 10:50:20	Name: ymex Value: 1680620512.yrts.1649084512#1680620512.yrtsi.1649084512
.umoritelno.com/	1970-01-20 11:26:20	Name: __gads Value: ID=93e7cf204b49adfb-222cf1266dcd00e3:T=1649084512:RT=1649084512:S=ALNI_MZq59DmiFed71igDJ-Oom8jzjHBfA
.umoritelno.com/	1970-01-20 02:05:56	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 11:26:20	Name: IDE Value: AHWqTUm9vjRvk1TONMU7iCrODDgvWvlfqIC3vT0qyiFjuVFphUW7Ru-OF9BUZ_5676I
.doubleclick.net/	1970-01-20 02:04:48	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://lapyhvost.umoritelno.com/play/?utm_source=generic&utm_medium=email&utm_campaign=daily&utm_content=loadmore(Line 170) Message: Failed to decode downloaded font: data:application/font-woff2,
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1136080921&client=ca-pub-9668135093076166&fa=1&ifi=7&uci=a!7&btvi=2&xpc=a2KFsEosr8&p=https%3A//lapyhvost.umoritelno.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.404content.com
4.404content.com
adservice.google.com
adservice.google.fr
const.404content.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lapyhvost.umoritelno.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.98
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
2a02:6b8::1:119
88.99.235.232
88.99.71.229
0191f1989ab965fbf49db764ed9b2af5fe11e20512f9b515268943d28258cba6
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d912597cca069897ac3b707047552ea856b061f1cebec2da40ae11fb4670005
0ee20f1cf0177a313bccb0ff55a3cc99ffb6e3308e4ddc73137fade62acd4c02
0f5da0240262466616428a401b1f6be98d4dff5627d067fd41d54285b39dbbaf
124657a436db6632f8a42856208e34a14674d7d54ce2d43b000fd8694e08117a
13798e11a444d10b7c2f3c9b93a30dfbd918f2251840ec4307a0a1c8f6a66fc7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e1e5b651497b9fd2b2b3e656304cd4dbcfc599f462c7b6547afea80a37a9097
1ff6d5466868799cb35c0e53f211d9d2bb38e46ca19626f1759e53cbb9d72eb3
2827128055b8797756fb5b20ed06908f26125bfb59cb76f6621d9568b00d6f53
282d77e6c634638332166f43c391c8969d16d2a3d4bfb085c1304646ef3c87e5
2fccb540fa2578d8871879fd63a372a7c9072f5f2dd6a2591d34925df976cd69
30de01f192b8f2140ed7eabcd409b3f7c2f41fc9d13f7e817939c1263c3bb3cc
322cc07549b9c1f2a218d96eca745e2c58676bc428498089bd3b6e2c60e53d6f
328dc3527a4aa3179572690ce4a6ae7caf51d064350efa1d8261f5fa2e3a93f4
3de838356d11d2b5818b8f112e7ea81785e580560b0e91676dfc056f819bb758
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46a78baa250f346d31e2645ec7c1b98232da8eeeba13839590dd8754c7fc6d28
495896fbac77cecb08527fd2b641a1bc125db3a64ade6c87112db81b4dcf1587
4cba57f5d13e55db9bf2a13cf21790b84f3a2fe3982f02ddfebb157222c594d2
4d14f21da9859eec0db2b526e7234113e5146d29cffc341a304bf2b8ffc7ff39
4fae2e6f4835c49008842bf7b9786e485c8a2eee44b7774bf55f3623c628b7c4
505cbd0716a0f66f4db02c3b1ea6cede6a18b024ac940375d174d4021730b3e3
539eaeb2cf20e8e784fe84385967f228e4f32b022392f33916a5344d2422daa3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c429a85c8316ee8d082f2d2ef6f05e686c25ca2c3657898d4e8a0df2ac8bd6
54eaf3cb4a9e60bad19087c748aba4049540fb31972fc75598af50da68da17c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
5e8d44a36722fc680c1c53fb10e3dade5e8913d3fb2b9560d46ed5bd9f5d4d91
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650fcd1f5f009ac84a666eda0b59eeda5cdbab29a26d3f43cf1b4a999a131f57
651dfe42114ec91ccb8c752a7b553983cf96e26df02411a49cddcf734fc61a87
655090477482a06f326789dddbaf173a4c2322e704a41b3479857ffb3c9693f6
664cc31258a5f70f13beb281f6cd3bd5cd1eb677abe83692f394d829bac58081
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
682a27c8dcbca6bbe90dd495c7b7f59a679b7cf65b75779c3347f0d461978fe8
693f320b1aa7f6bbee35d8114258aebc163b9d8f78cdd289fe40b4da465fe298
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de747b612b6c3478f08217489c2bced616eda1619378e58aaeb1baf6060d10b
7120295dd77c4dd5e09022597f795af2ab904adbf1e02d55ccadc04192edd3a5
75e8527b6d0291969750ec04c3b465b64edc0e0d48ed82444d4c9a2fb68a0bbf
76bbc876291b00bf6532ec3dbc385d98ca65c829f058528d9f381a0027d10f4f
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
828f5bfa31ddabad32bc2564a7cb86a56263116ede3f4c25c56898ce12306a7f
8a228287c3a2453dbf3cf6e9a4f68625f0fa554feb83fa72be7e499d583e7ddd
8e9c5cf520be64276c966421edb55cca7f507f6d23b8bed2891c88bf04a324fc
9547272d92be229eb20708eff36a3a3f453dcacb395cd85af6592efe66bb8f27
9b4306d173fb23076c0207f66618a237b08417638033327e68239709a6ffb275
9f7a0f7891d4d93080806decccaf3170c2d71e8ff424b88cc1d167c97bc2ebfa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a9f89fadc3e35a300a7f6a07ee80f48e362fb3645ba2a0c3fe1f0c68e0e850e5
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa36c8643cbacb9a8b31d3547fc027a18f229ee239ebaef81b6f0337c831072
b155241dcdd64ba80ee82f5ae5defebcfdfb93a2ac33ce9caccf87a681df48ac
b1b5ccfc566910226684a5bf413fcbb3088ae6c6d7e8a698539bfb8eaa53f051
b3d9125e9682c535190f6427ecdf078a1444bd9cdd4403fd6f1897be8538b3e2
b64e56a90871557a81887b4a20d7067540fcbab74e5a9cd4adfc28b4c6f1a5a3
b67f4feb236cbebdaf924c18e72e23ec11d33054d38cd39be2346a74bf74e1c7
be7c2a0cb929fe52a3d8f6e02805722a918125c0adcfebe205c24bc2f6e1d7a5
c19cd8416e316dff9f830cda80f5695a9eca4f0ee1dc2d9a39043472a10dfa74
c40c013113a3419e41a98de2f12c52d07139be146d2698a53945a9fa22953fcc
cd6d92e6b45a26ac1537149fb134eefdc2468ef352542e00eff8b04e9f35a3e5
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc15fefed57181fe3e339cf1a406f2ccbb706470be99916bdbeeea0740fe5138
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5000d1608f5e881ffac0ce07543e784791f624a9384e0994d7816984f6d5210
e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24
e92936a018f8159c66be614ecd9e382f7dea44c6e202caa46e9da4f4cca9192f
ea4bebeeb715765cfa422e5cd00a323b4eb1280acb5e982791a8fc518cd53401
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033690e728772b9dcf7a2c008ac06c53aff16890656236dab471b047d5c2e9a
f31f02860c3e7a7d9909977f03a0a30fc9741364c45905e70ab8b390d8b06882
fb97e481d47b0d6803673b258253c94ea9563e6a640c328b60a7795557f9f5de
fbfdd18b0b875f3e9f851e9e61028b339209920abf7a6ae69e4ae821b215ddc3
fc8ab93761c100d840d1fdbd495f17994d56847c9c97d57e61599e3f5bff5f99
ff3695620e701d5a8af4e2d0ef3b154c121b1066c6bcd26b1d2e221183b9281f

lapyhvost.umoritelno.com Open in urlscan Pro 88.99.235.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

99 %HTTPS

82 %IPv6

12 Domains

20 Subdomains

18 IPs

4 Countries

2012 kBTransfer

4482 kBSize

17 Cookies

71 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lapyhvost.umoritelno.com Open in urlscan Pro
88.99.235.232 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

99 %
HTTPS

82 %
IPv6

12
Domains

20
Subdomains

18
IPs

4
Countries

2012 kB
Transfer

4482 kB
Size

17
Cookies

135 HTTP transactions
17 data transactions