winintro.ru Open in urlscan Pro
188.40.254.211  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

• https://www.acint.net/mc/?dp=10 HTTP 302
• https://www.acint.net/mc/?dp=10&tc=1

Request Chain 18

• https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEC9689611C07389902EC519B HTTP 302
• https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEC9689611C07389902EC519B&crf=1

Request Chain 19

• https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
• https://acint.net/match?dp=14&euid=0100007FEC9689618900C76002DD9BF2

Request Chain 20

• https://px.adhigh.net/p/cm/sape?u=0100007FEC9689611C07389902EC519B HTTP 302
• https://px.adhigh.net/p/cm/sape?u=0100007FEC9689611C07389902EC519B&bounced=1 HTTP 302
• https://acint.net/match?dp=17&euid=usXTf47g1xbx.AikABlF9AXWLIQ

Request Chain 22

• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5317945989 HTTP 302
• https://www.acint.net/rmatch?dp=45&euid=AA_ZQHUNtDiK9iCFrnulnRA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
• https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEC9689611C07389902EC519B

Request Chain 24

• https://sync.republer.com/match?dsp=sape HTTP 307
• https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
• https://sync.bumlam.com/?src=rp1&uid=a077ccf0-0ced-4d39-afc6-21b1dc6f593e HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjsraaMBlIEioaQK2IkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNl HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjsraaMBlIEioaQK2IkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw** HTTP 302
• https://sync.bumlam.com/?src=rp1&s_data=CAIQABjsraaMBmIkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw** HTTP 302
• https://sync.bumlam.com/?src=rp1&s_data=CAIQARjsraaMBmIkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw**

Request Chain 28

• https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-yWiWEcBziZAuxRmw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-yWiWEcBziZAuxRmw&google_tc= HTTP 302
• https://www.acint.net/match?dp=77&euid=

Request Chain 29

• https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FEC9689611C07389902EC519B HTTP 302
• https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEC9689611C07389902EC519B

Request Chain 32

• https://adx.com.ru/sape-sync?uid=0100007FEC9689611C07389902EC519B HTTP 302
• https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FEC9689611C07389902EC519B HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=618996ecf0e015b69cfc3234&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D618996ecf0e015b69cfc3234%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D618996ecf0e015b69cfc3234%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=618996ecf0e015b69cfc3234&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D618996ecf0e015b69cfc3234%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D618996ecf0e015b69cfc3234%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D&cs=1 HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D618996ecf0e015b69cfc3234%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D618996ecf0e015b69cfc3234%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D618996ecf0e015b69cfc3234%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D618996ecf0e015b69cfc3234%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1468276171 HTTP 302
• https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D618996ecf0e015b69cfc3234%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D618996ecf0e015b69cfc3234%2526dest%253D&webouid=lXsC8HQWDmkKkd8nbOXyfe HTTP 302
• https://prodmp.ru/yabbi.gif?uid=618996ecf0e015b69cfc3234&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D618996ecf0e015b69cfc3234%26dest%3D HTTP 302
• https://x01.aidata.io/0.gif?pid=9712851&id=618996ecf0e015b69cfc3234&dest=

Request Chain 33

• https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEC9689611C07389902EC519B HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEC9689611C07389902EC519B&cs=1

Request Chain 34

• https://sape-sync.rutarget.ru/sync HTTP 302
• https://www.acint.net/match?dp=104&euid=qkajtL6Zicrk

Request Chain 35

• https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://acint.net/match?dp=107&euid=b2db8511-df7b-5339-9f80-e226fe0974ca

Request Chain 36

• https://0100007fec9689611c07389902ec519b-sp.ops.beeline.ru/p?ssp=sp&id=0100007FEC9689611C07389902EC519B HTTP 301
• https://www.acint.net/match?dp=111&euid=16e89efc-0223-40f7-a2a0-246b350b4e4d

Request Chain 37

• https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FEC9689611C07389902EC519B HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
• https://ut.rktch.com/matchspm?pi=1000006&pui=lXsC8HQWDmkKkd8nbOXyfe&noredirect

Request Chain 38

• https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FEC9689611C07389902EC519B HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FEC9689611C07389902EC519B HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=5bb65960-f11b-49e6-acbd-d4bacf981574&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
• https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
• https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id= HTTP 301
• https://www.acint.net/match?dp=125&euid=5bb65960-f11b-49e6-acbd-d4bacf981574

Request Chain 39

• https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
• https://www.acint.net/match?dp=126&euid=a533669b-7cc1-48b2-7907-48f3a3c4e2a6

Request Chain 40

• https://s.uuidksinc.net/match/396/0100007FEC9689611C07389902EC519B HTTP 302
• https://www.acint.net/match?dp=127&euid=HONiAOVMmIe8YD7UppN8

Request Chain 43

• https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEC9689611C07389902EC519B HTTP 302
• https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEC9689611C07389902EC519B&bounce=1 HTTP 302
• https://sm.rtb.mts.ru/p?ssp=aidata&id=ljrYOs5D%2Fn%2FWayCa8PZejA HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=51&exu=ljrYOs5D%2Fn%2FWayCa8PZejA HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=5bb65960-f11b-49e6-acbd-d4bacf981574&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FW7ZZYPEbSeasvdS6z5gVdA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253DljrYOs5D%25252Fn%25252FWayCa8PZejA%26sign%3D2647533769 HTTP 302
• https://an.yandex.ru/setud/mts_banner/W7ZZYPEbSeasvdS6z5gVdA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DljrYOs5D%252Fn%252FWayCa8PZejA&sign=2647533769

Request Chain 45

• https://an.yandex.ru/mapuid/sapeis/0100007FEC9689611C07389902EC519B HTTP 302
• https://an.yandex.ru/mapuid/sapeis/0100007FEC9689611C07389902EC519B?redir-setuniq=1

Request Chain 57

• https://dmg.digitaltarget.ru/1/1093/i/i?i=130407674425100.753078853274325&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.753078853274325&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 58

• https://dmg.digitaltarget.ru/1/1093/i/i?i=130407674425100.458012132396403&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.458012132396403&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 86

• https://rtb.openx.net/sync/dds?google_gid=CAESEFjNM73XBKgstX6-5p5Snbc&google_cver=1&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFjNM73XBKgstX6-5p5Snbc&google_cver=1&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s&google_hm=xz58CxfzyBEI5mslZqa72w==

Request Chain 87

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDAiMO1uN05ewskQAAdE9y0&google_cver=1&google_push=AYg5qPJosTE8UZ0AbvMDkQREFR_9HXO8kCttRFckpdVxeIUKRzuH9k4-uwRHfkuVF74Ef6n-sdgQwIJ-yTdFcBgXSRiFyl-8Iqk HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDAiMO1uN05ewskQAAdE9y0&google_cver=1&google_push=AYg5qPJosTE8UZ0AbvMDkQREFR_9HXO8kCttRFckpdVxeIUKRzuH9k4-uwRHfkuVF74Ef6n-sdgQwIJ-yTdFcBgXSRiFyl-8Iqk&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJosTE8UZ0AbvMDkQREFR_9HXO8kCttRFckpdVxeIUKRzuH9k4-uwRHfkuVF74Ef6n-sdgQwIJ-yTdFcBgXSRiFyl-8Iqk

Request Chain 88

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECfqrQbfWKlJ5PC3nAMFgWQ&google_cver=1&google_push=AYg5qPLE3yRjF6AXiPmWKkGjNIdnm_1cfz7MOJbVl19HVe6xkQBFtmRqedKHgXriUMngoPySk_5lYw8Zh0ZaQgdC-8jNcG2YOF8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhONkctNC1KMzVZ&google_push=AYg5qPLE3yRjF6AXiPmWKkGjNIdnm_1cfz7MOJbVl19HVe6xkQBFtmRqedKHgXriUMngoPySk_5lYw8Zh0ZaQgdC-8jNcG2YOF8

Request Chain 89

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_cver=1&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1

Request Chain 91

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEN3amU2vDsbWBoz82hSJ9Nw&google_cver=1&google_push=AYg5qPJSuRHotrD4Swy0-5cyu3HheJ4sk-ACVOY3lYLBZTZFeHi6bID64eS8d37ThrmPUuKP_Vi8lyjdMkEdy1gf5xP2tyXNkkg HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSuRHotrD4Swy0-5cyu3HheJ4sk-ACVOY3lYLBZTZFeHi6bID64eS8d37ThrmPUuKP_Vi8lyjdMkEdy1gf5xP2tyXNkkg&google_hm=

Request Chain 96

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLym5idS7yVvL8ryaOu0N62bMoCQvMt0-TIFDoqE-iqZ9ZHLW-r5DAzjw7ddVRSkaGJ_MLBetCYNz0B3CiDevH6m-0WqbMd&google_gid=CAESED77gwJT3RoWYz1W8j3SC7I&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLym5idS7yVvL8ryaOu0N62bMoCQvMt0-TIFDoqE-iqZ9ZHLW-r5DAzjw7ddVRSkaGJ_MLBetCYNz0B3CiDevH6m-0WqbMd&google_gid=CAESED77gwJT3RoWYz1W8j3SC7I&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDgyMTMwMjIwMDA1NTU1OTY2MDkyMg%3D%3D&google_push=AYg5qPLym5idS7yVvL8ryaOu0N62bMoCQvMt0-TIFDoqE-iqZ9ZHLW-r5DAzjw7ddVRSkaGJ_MLBetCYNz0B3CiDevH6m-0WqbMd

Request Chain 105

• https://rtb.openx.net/sync/dds?google_gid=CAESEFjNM73XBKgstX6-5p5Snbc&google_cver=1&google_push=AYg5qPLTBEW7uxa5eK2ARV-wjvdJoaB-ZQuJRHTvUEpBRTXem7Nxz4Gvodj4bwg2G5fCJluJd9oNojeswRZJFEPShuuCrePRxOX4Eg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLTBEW7uxa5eK2ARV-wjvdJoaB-ZQuJRHTvUEpBRTXem7Nxz4Gvodj4bwg2G5fCJluJd9oNojeswRZJFEPShuuCrePRxOX4Eg&google_hm=xz58CxfzyBEI5mslZqa72w==

Request Chain 106

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDAiMO1uN05ewskQAAdE9y0&google_cver=1&google_push=AYg5qPK9wbMXHVM3mXBJGLRxh04NuvboFzg0OATZvtSDUN9Ho6q0TNHsvEfcu03mvVeklxhu-yw_X8okrLbyWwTM5c8xbIV8LzppNQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK9wbMXHVM3mXBJGLRxh04NuvboFzg0OATZvtSDUN9Ho6q0TNHsvEfcu03mvVeklxhu-yw_X8okrLbyWwTM5c8xbIV8LzppNQ

Request Chain 107

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECfqrQbfWKlJ5PC3nAMFgWQ&google_cver=1&google_push=AYg5qPI0Dv1zpik4A7g-YYy6Wmd9TQBpb30nxKcu--iEy0HQb54Xqax7UHhdbViM3sndqqgMuZiZyUDUvI6EQn8SLf8M2Ivwhkw8aw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhOR08tMTYtNFoxNg==&google_push=AYg5qPI0Dv1zpik4A7g-YYy6Wmd9TQBpb30nxKcu--iEy0HQb54Xqax7UHhdbViM3sndqqgMuZiZyUDUvI6EQn8SLf8M2Ivwhkw8aw

Request Chain 108

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_cver=1&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Show response winintro.ru/adam.en/html/	12 KB 3 KB	448ms 21ms	Document text/html	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash eb837e149e5203caec0e9ccdc744051f8034003278b8f76a5bfa91bd1c3a55f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Mon, 08 Nov 2021 21:30:19 GMT content-type text/html vary Accept-Encoding x-xss-protection 1; mode=block x-content-type-options nosniff x-nginx-cache-status EXPIRED x-server-powered-by Engintron content-encoding gzip
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 51 KB	531ms 489ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46f8140d592bc13b5ba244c6d70093e7a4a579dcf7cdb71be678e25e4172c92b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51369 x-xss-protection 0 server cafe etag 7077994853634041683 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 08 Nov 2021 21:30:20 GMT
GET H2	200	classic.css winintro.ru/adam.en/local/	7 KB 2 KB	31ms 30ms	Stylesheet text/css	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/adam.en/local/classic.css Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 47238430d0e20fbcd00d8eea8ddbedf4086cf6896a4abd965a9974fe58c17fda Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Mon, 10 Dec 2018 16:33:24 GMT server nginx vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Wed, 08 Dec 2021 21:30:20 GMT
GET H2	200	script.js Show response winintro.ru/adam.en/local/	3 KB 1 KB	30ms 29ms	Script application/javascript	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/adam.en/local/script.js Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 1e26c39956de81f98f5672fee343c16c3e36ee4ecf75bc0864eb2c9480fea639 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Mon, 10 Dec 2018 16:33:35 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 08 Dec 2021 21:30:20 GMT
GET H2	200	helpindex.css winintro.ru/files/	344 B 323 B	31ms 31ms	Stylesheet text/css	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/files/helpindex.css Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Wed, 08 Dec 2021 21:30:20 GMT
GET H2	200	supply.js Show response winintro.ru/files/	1 KB 789 B	30ms 30ms	Script application/javascript	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/files/supply.js Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Mon, 11 Jul 2016 10:36:54 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 08 Dec 2021 21:30:20 GMT
GET H2	200	ext-all.css winintro.ru/files/	128 KB 21 KB	28ms 28ms	Stylesheet text/css	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/files/ext-all.css Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Wed, 08 Dec 2021 21:30:20 GMT
GET H2	200	procedure.gif winintro.ru/adam.en/local/	560 B 748 B	14ms 14ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/adam.en/local/procedure.gif Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 8c11db5061f6c118d99e8903a5c37d38103c69e83b791cf776df57f1a3b1d89d Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 10 Dec 2018 16:33:32 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 560 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	aci.js Show response www.acint.net/	21 KB 7 KB	58ms 12ms	Script application/x-javascript	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/aci.js Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Sat, 02 Jan 2021 18:29:12 GMT server openresty etag "5ff0bb78-1baf" content-type application/x-javascript cache-control max-age=43200 content-length 7087 expires Tue, 09 Nov 2021 09:30:20 GMT
GET H2	200	bg.gif winintro.ru/files/images/default/toolbar/	904 B 1 KB	19ms 19ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/default/toolbar/bg.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:37:13 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 904 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	btn.gif winintro.ru/files/images/default/button/	4 KB 4 KB	19ms 19ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/default/button/btn.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:36:57 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 4298 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	home.png winintro.ru/files/images/	1 KB 1 KB	19ms 19ms	Image image/png	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/home.png Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:36:54 GMT server nginx content-type image/png cache-control max-age=5184000 accept-ranges bytes content-length 1110 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	grid-blue-split.gif winintro.ru/files/images/default/grid/	817 B 996 B	17ms 17ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/default/grid/grid-blue-split.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:37:01 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 817 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	toc-panel.gif winintro.ru/files/images/	954 B 1 KB	18ms 18ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/toc-panel.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:36:55 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 954 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	print.gif winintro.ru/files/images/	1 KB 1 KB	19ms 18ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/print.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:36:55 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 1032 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	back.gif winintro.ru/files/	316 B 495 B	17ms 16ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/back.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/helpindex.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/helpindex.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 316 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	next.gif winintro.ru/files/	314 B 493 B	16ms 16ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/next.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/helpindex.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/helpindex.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma public date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 314 expires Fri, 07 Jan 2022 21:30:20 GMT
GET H2	200	/ Show response www.acint.net/mc/ Frame F3AB Redirect Chain https://www.acint.net/mc/?dp=10 https://www.acint.net/mc/?dp=10&tc=1	3 KB 4 KB	14ms 13ms	Document text/html	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/mc/?dp=10&tc=1 Requested by Host: www.acint.net URL: https://www.acint.net/aci.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash 2aaa925bc202626b00792d9ff0002bc6fccd1ec97e4b198e1009171beaeedf6c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers server openresty date Mon, 08 Nov 2021 21:30:20 GMT content-type text/html p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" content-encoding gzip Redirect headers server openresty date Mon, 08 Nov 2021 21:30:20 GMT content-type text/html content-length 154 location /mc/?dp=10&tc=1
GET H2	200	/ www.acint.net/hit/	43 B 340 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/hit/?v=0.3.0&uid=a15970d8-54c0-451b-b552-e2bd9d72399c&dp=10&tz=%2B00%3A00&nc=75994610&u=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&r=&rs=1600x1200&t=Start%2C%20Stop%2C%20or%20Restart%20an%20AD%20LDS%20Instance&oE=1&oP=1&dT=2021-11-08T21%3A30%3A20.094&fu=688c1c8e-2dcf-45c2-af99-e5b1fe688e8b Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	match ads.betweendigital.com/ Frame F3AB Redirect Chain https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEC9689611C07389902EC519B https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEC9689611C07389902EC519B&crf=1	68 B 607 B	99ms 98ms	Image image/png	96.46.186.57 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEC9689611C07389902EC519B&crf=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=73&external_user_id=0100007FEC9689611C07389902EC519B&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	match acint.net/ Frame F3AB Redirect Chain https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D https://acint.net/match?dp=14&euid=0100007FEC9689618900C76002DD9BF2	43 B 270 B	43ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=14&euid=0100007FEC9689618900C76002DD9BF2 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Date Mon, 08 Nov 2021 21:30:20 GMT Server openresty P3P CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" Location https://acint.net/match?dp=14&euid=0100007FEC9689618900C76002DD9BF2 Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Type text/html Content-Length 142 Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	match acint.net/ Frame F3AB Redirect Chain https://px.adhigh.net/p/cm/sape?u=0100007FEC9689611C07389902EC519B https://px.adhigh.net/p/cm/sape?u=0100007FEC9689611C07389902EC519B&bounced=1 https://acint.net/match?dp=17&euid=usXTf47g1xbx.AikABlF9AXWLIQ	43 B 269 B	11ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=17&euid=usXTf47g1xbx.AikABlF9AXWLIQ Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT server nginx access-control-allow-origin * x-backend-id f1-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://acint.net/match?dp=17&euid=usXTf47g1xbx.AikABlF9AXWLIQ cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	cm.gif ad.mail.ru/ Frame F3AB	43 B 764 B	206ms 51ms	Image image/gif	2a00:1148:db00::17 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mail.ru/cm.gif?p=48&id=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Last-Modified Mon, 08 Nov 2021 21:30:20 GMT Server nginx Cross-Origin-Opener-Policy same-origin Cross-Origin-Embedder-Policy require-corp Content-Type image/gif Cache-Control max-age=21600 Cross-Origin-Resource-Policy cross-origin Connection keep-alive Timing-Allow-Origin * Content-Length 43 Expires Tue, 09 Nov 2021 03:30:20 GMT
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame F3AB Redirect Chain https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5317945989 https://www.acint.net/rmatch?dp=45&euid=AA_ZQHUNtDiK9iCFrnulnRA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEC9689611C07389902EC519B	42 B 201 B	200ms 80ms	Image image/gif	81.222.128.216 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Server 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad16.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers date Mon, 08 Nov 2021 21:30:20 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEC9689611C07389902EC519B cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type text/html content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	204	sync a.utraff.com/ Frame F3AB	0 820 B	1492ms 569ms	Image text/plain	2606:4700:3039::6815:c04e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.utraff.com/sync?ssp=sape Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3039::6815:c04e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin access-control-allow-methods GET, POST, OPTIONS content-type text/plain report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSuc1Tfqhik4x%2FDdVye8%2BRdB4gSKJqSffGlIjFb%2BUGccDWoz7PdSMjNmuHndwlDWsKeHmcRR4h4bcY7%2FQTJ0fth3kPxBDWM1jN8yYnY42PLC%2BcDII2fn7T4ir7OkkmehRpT1GDlkNt8voA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true cf-ray 6ab1e6ea0c333759-MXP access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame F3AB Redirect Chain https://sync.republer.com/match?dsp=sape https://sync.republer.com/match?dsp=sape&qset=1 https://sync.bumlam.com/?src=rp1&uid=a077ccf0-0ced-4d39-afc6-21b1dc6f593e https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjsraaMBlIEioaQK2IkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNl https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjsraaMBlIEioaQK2IkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw** https://sync.bumlam.com/?src=rp1&s_data=CAIQABjsraaMBmIkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw** https://sync.bumlam.com/?src=rp1&s_data=CAIQARjsraaMBmIkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw**	43 B 552 B	7ms 7ms	Image image/gif	31.172.81.158 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=rp1&s_data=CAIQARjsraaMBmIkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw** Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Server 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type image/gif Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers Date Mon, 08 Nov 2021 21:30:20 GMT Server nginx ETag 13316be6-40db-11ec-a6e9-002590c82437 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //sync.bumlam.com/?src=rp1&s_data=CAIQARjsraaMBmIkYTA3N2NjZjAtMGNlZC00ZDM5LWFmYzYtMjFiMWRjNmY1OTNlogEQEzFr5kDbEeym6QAlkMgkNw** Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Length 0
GET H2	204	match dm-eu.hybrid.ai/ Frame F3AB	0 239 B	54ms 13ms	Image text/plain	37.18.103.16 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm-eu.hybrid.ai/match?id=106&vid=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 508 x-xss-protection 1; mode=block expires -1
GET H/1.1	200 OK	adcm.js Show response tag.digitaltarget.ru/ Frame F3AB	3 KB 3 KB	205ms 64ms	Script application/javascript	185.15.175.157 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/adcm.js Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Last-Modified Thu, 14 Oct 2021 23:50:04 GMT Server nginx ETag "6168c22c-beb" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 3051
GET H2	204	sape sync.dmp.otm-r.com/match/ Frame F3AB	0 70 B	49ms 11ms	Image text/plain	88.99.28.61 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/sape?id=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.61.28.99.88.clients.your-server.de Software nginx/1.17.10 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers access-control-allow-origin * date Mon, 08 Nov 2021 21:30:20 GMT server nginx/1.17.10
GET H2	200	match www.acint.net/ Frame F3AB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-yWiWEcBziZAuxRmw https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-yWiWEcBziZAuxRmw&google_tc= https://www.acint.net/match?dp=77&euid=	43 B 269 B	12ms 12ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=77&euid= Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.acint.net/match?dp=77&euid= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ adlmerge.com/merge_gpsid/ Frame F3AB Redirect Chain https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FEC9689611C07389902EC519B https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEC9689611C07389902EC519B	43 B 115 B	65ms 15ms	Image image/gif	95.211.66.35 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS hosted-by.leaseweb.com Software nginx/1.16.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers iseu eu server nginx/1.16.0 date Mon, 08 Nov 2021 21:30:20 GMT content-type image/gif Redirect headers location //adlmerge.com/merge_gpsid/?sid=50&id=0100007FEC9689611C07389902EC519B date Mon, 08 Nov 2021 21:25:02 GMT server nginx content-length 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame F3AB	42 B 201 B	320ms 78ms	Image image/gif	81.222.128.216 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad16.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	sprcs relap.io/partners/ Frame F3AB	43 B 1018 B	251ms 62ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/partners/sprcs?uid=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-server back17 content-length 43 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	204	0.gif x01.aidata.io/ Frame F3AB Redirect Chain https://adx.com.ru/sape-sync?uid=0100007FEC9689611C07389902EC519B https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FEC9689611C07389902EC519B https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=618996ecf0e015b69cfc3234&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru... https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=618996ecf0e015b69cfc3234&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru... https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D618996ecf0e015b69cfc3234%2526r%253Dhttps%25253A... https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D618996ecf0e015b69cfc3234%2526r%253Dhttps%25253A... https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D618996ecf0e015b69cfc3234%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D618996ecf0... https://prodmp.ru/yabbi.gif?uid=618996ecf0e015b69cfc3234&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D618996ecf0e015b69cfc3234%26dest%3D https://x01.aidata.io/0.gif?pid=9712851&id=618996ecf0e015b69cfc3234&dest=	0 432 B	44ms 44ms	Image text/plain	89.108.120.76 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=9712851&id=618996ecf0e015b69cfc3234&dest= Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 08 Nov 2021 21:30:19 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Mon, 08 Nov 2021 21:30:19 GMT Redirect headers location https://x01.aidata.io/0.gif?pid=9712851&id=618996ecf0e015b69cfc3234&dest= date Mon, 08 Nov 2021 21:30:20 GMT access-control-allow-credentials true server nginx content-type image/gif content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pixel.gif sync.1dmp.io/ Frame F3AB Redirect Chain https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEC9689611C07389902EC519B https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEC9689611C07389902EC519B&cs=1	35 B 376 B	27ms 27ms	Image image/gif	95.216.101.186 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEC9689611C07389902EC519B&cs=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.186.101.216.95.clients.your-server.de Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-type image/gif content-length 35 expires 0 Redirect headers location /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEC9689611C07389902EC519B&cs=1 date Mon, 08 Nov 2021 21:30:20 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-length 0 expires 0
GET H2	200	match www.acint.net/ Frame F3AB Redirect Chain https://sape-sync.rutarget.ru/sync https://www.acint.net/match?dp=104&euid=qkajtL6Zicrk	43 B 269 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=104&euid=qkajtL6Zicrk Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Location https://www.acint.net/match?dp=104&euid=qkajtL6Zicrk Date Mon, 08 Nov 2021 21:30:20 GMT Server nginx Connection keep-alive Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	match acint.net/ Frame F3AB Redirect Chain https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 https://acint.net/match?dp=107&euid=b2db8511-df7b-5339-9f80-e226fe0974ca	43 B 269 B	12ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=107&euid=b2db8511-df7b-5339-9f80-e226fe0974ca Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://acint.net/match?dp=107&euid=b2db8511-df7b-5339-9f80-e226fe0974ca cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	match www.acint.net/ Frame F3AB Redirect Chain https://0100007fec9689611c07389902ec519b-sp.ops.beeline.ru/p?ssp=sp&id=0100007FEC9689611C07389902EC519B https://www.acint.net/match?dp=111&euid=16e89efc-0223-40f7-a2a0-246b350b4e4d	43 B 269 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=111&euid=16e89efc-0223-40f7-a2a0-246b350b4e4d Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers date Mon, 08 Nov 2021 21:30:20 GMT x-route http://upstream_cookiesync server nginx location https://www.acint.net/match?dp=111&euid=16e89efc-0223-40f7-a2a0-246b350b4e4d access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true, true x-host 192.168.152.33 access-control-allow-headers authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	matchspm ut.rktch.com/ Frame F3AB Redirect Chain https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FEC9689611C07389902EC519B https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect https://ut.rktch.com/matchspm?pi=1000006&pui=lXsC8HQWDmkKkd8nbOXyfe&noredirect	88 B 88 B	52ms 51ms	Image image/png	89.108.97.2 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://ut.rktch.com/matchspm?pi=1000006&pui=lXsC8HQWDmkKkd8nbOXyfe&noredirect Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Server 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d50603.reg.regrucolo.ru Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Server nginx/1.18.0 Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Content-Type image/png Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type, Accept, Authorization Content-Length 88 Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT via 1.1 google last-modified Mon, 08 Nov 2021 21:30:20 GMT server nginx/1.12.0 location https://ut.rktch.com/matchspm?pi=1000006&pui=lXsC8HQWDmkKkd8nbOXyfe&noredirect p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc clear content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	match www.acint.net/ Frame F3AB Redirect Chain https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FEC9689611C07389902EC519B https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FEC9689611C07389902EC519B https://tech.rtb.mts.ru/?dsp_uid=5bb65960-f11b-49e6-acbd-d4bacf981574&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%... https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id= https://www.acint.net/match?dp=125&euid=5bb65960-f11b-49e6-acbd-d4bacf981574	43 B 269 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=125&euid=5bb65960-f11b-49e6-acbd-d4bacf981574 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Date Mon, 08 Nov 2021 21:30:15 GMT Server nginx Access-Control-Allow-Origin * Vary Origin Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS Location https://www.acint.net/match?dp=125&euid=5bb65960-f11b-49e6-acbd-d4bacf981574 Cache-Control no-store, no-cache, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	match www.acint.net/ Frame F3AB Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D https://www.acint.net/match?dp=126&euid=a533669b-7cc1-48b2-7907-48f3a3c4e2a6	43 B 269 B	12ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=126&euid=a533669b-7cc1-48b2-7907-48f3a3c4e2a6 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://www.acint.net/match?dp=126&euid=a533669b-7cc1-48b2-7907-48f3a3c4e2a6 date Mon, 08 Nov 2021 21:30:20 GMT server nginx content-length 115 serverid TODO content-type text/html; charset=utf-8
GET H2	200	match www.acint.net/ Frame F3AB Redirect Chain https://s.uuidksinc.net/match/396/0100007FEC9689611C07389902EC519B https://www.acint.net/match?dp=127&euid=HONiAOVMmIe8YD7UppN8	43 B 269 B	12ms 12ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=127&euid=HONiAOVMmIe8YD7UppN8 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://www.acint.net/match?dp=127&euid=HONiAOVMmIe8YD7UppN8 date Mon, 08 Nov 2021 21:30:20 GMT server nginx/1.19.0 content-length 0
GET H/1.1	204 No Content	userbind match.new-programmatic.com/ Frame F3AB	0 215 B	430ms 57ms	Image text/plain	217.65.2.150 CITYTELECOM-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://match.new-programmatic.com/userbind?src=sape&id=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 08 Nov 2021 21:29:26 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 Connection keep-alive Content-Length 0 Vary Origin
GET H2	204	0100007FEC9689611C07389902EC519B fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame F3AB	0 190 B	158ms 49ms	Image text/plain	93.95.102.105 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
GET H2	404	W7ZZYPEbSeasvdS6z5gVdA an.yandex.ru/setud/mts_banner/ Frame F3AB Redirect Chain https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEC9689611C07389902EC519B https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEC9689611C07389902EC519B&bounce=1 https://sm.rtb.mts.ru/p?ssp=aidata&id=ljrYOs5D%2Fn%2FWayCa8PZejA https://sm.rtb.mts.ru/match/second?ssp=51&exu=ljrYOs5D%2Fn%2FWayCa8PZejA https://tech.rtb.mts.ru/?dsp_uid=5bb65960-f11b-49e6-acbd-d4bacf981574&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FW7ZZYPEbSeasvdS6z5gVdA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts... https://an.yandex.ru/setud/mts_banner/W7ZZYPEbSeasvdS6z5gVdA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DljrYOs5D%252Fn%252FWayCa8PZejA&sign=2647533769	43 B 103 B	288ms 288ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/setud/mts_banner/W7ZZYPEbSeasvdS6z5gVdA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DljrYOs5D%252Fn%252FWayCa8PZejA&sign=2647533769 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip last-modified Mon, 08 Nov 2021 21:30:21 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=windows-1251 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 08 Nov 2021 21:30:21 GMT Redirect headers Date Mon, 08 Nov 2021 21:30:21 GMT Server nginx/1.13.12 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://an.yandex.ru/setud/mts_banner/W7ZZYPEbSeasvdS6z5gVdA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DljrYOs5D%252Fn%252FWayCa8PZejA&sign=2647533769 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame F3AB	0 523 B	299ms 299ms	Image text/html	31.172.81.158 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=sap1&uid=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:21 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	0100007FEC9689611C07389902EC519B an.yandex.ru/mapuid/sapeis/ Frame F3AB Redirect Chain https://an.yandex.ru/mapuid/sapeis/0100007FEC9689611C07389902EC519B https://an.yandex.ru/mapuid/sapeis/0100007FEC9689611C07389902EC519B?redir-setuniq=1	43 B 180 B	66ms 65ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/sapeis/0100007FEC9689611C07389902EC519B?redir-setuniq=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip last-modified Mon, 08 Nov 2021 21:30:21 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 08 Nov 2021 21:30:21 GMT Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip last-modified Mon, 08 Nov 2021 21:30:20 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/sapeis/0100007FEC9689611C07389902EC519B?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 08 Nov 2021 21:30:20 GMT
GET H2	200	frame.html Show response s3.advarkads.com/modules/match/ Frame 9082	187 B 404 B	434ms 401ms	Document text/html	2606:4700:10::6816:457 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEC9689611C07389902EC519B Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ Response headers date Mon, 08 Nov 2021 21:30:20 GMT content-type text/html cache-control max-age=60 last-modified Wed, 13 Oct 2021 12:55:49 GMT vary Accept-Encoding access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6ab1e6e478fd6903-FRA content-encoding gzip
GET H/1.1	200 OK	processor.js Show response tag.digitaltarget.ru/ Frame F3AB	15 KB 15 KB	124ms 124ms	Script application/javascript	185.15.175.157 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/processor.js?i=820672834782452 Requested by Host: tag.digitaltarget.ru URL: https://tag.digitaltarget.ru/adcm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:20 GMT Last-Modified Thu, 14 Oct 2021 23:50:04 GMT Server nginx ETag "6168c22c-3cc1" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 15553
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/	267 KB 96 KB	335ms 34ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 97992 x-xss-protection 0 server cafe etag 6769920751861283988 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 08 Nov 2021 21:30:20 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame D3F6	11 KB 5 KB	174ms 7ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 08 Nov 2021 18:47:13 GMT expires Mon, 22 Nov 2021 18:47:13 GMT content-type text/html; charset=UTF-8 etag 2948287274155451234 x-content-type-options nosniff content-encoding gzip server cafe content-length 4905 x-xss-protection 0 age 9787 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	frame.js Show response s3.advarkads.com/modules/match/ Frame 9082	22 KB 7 KB	13ms 13ms	Script application/javascript	2606:4700:10::6816:457 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.advarkads.com/modules/match/frame.js Requested by Host: s3.advarkads.com URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEC9689611C07389902EC519B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5a0f4fa617d5d9940c099afe919047ba8e53e171df11a2dd7afd3e3eb53c230 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEC9689611C07389902EC519B User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:20 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 18 Oct 2021 16:55:30 GMT server cloudflare age 21 etag "02d1df540c4d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=60 accept-ranges bytes cf-ray 6ab1e6e7ea266903-FRA content-length 7379
GET H/1.1	200 OK	match api.advarkads.com/api/statistic/ Frame 9082	43 B 389 B	172ms 62ms	Image image/gif	23.111.109.220 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FEC9689611C07389902EC519B Requested by Host: s3.advarkads.com URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEC9689611C07389902EC519B Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.111.109.220 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.18.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://s3.advarkads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Mon, 08 Nov 2021 20:31:01 GMT Server nginx/1.18.0 X-Powered-By ASP.NET Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires -1
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	201 B 636 B	44ms 17ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=winintro.ru&callback=_gfp_s_&client=ca-pub-2339592383170032 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 61d4cb751f3ce6ebc088975e391727fa4a418b68993aa7c6f7e19952dcd41ebd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 192 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	53ms 16ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	42ms 18ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 61B3	103 KB 33 KB	674ms 373ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1636407020&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020542&bpp=3&bdt=589&idt=366&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7869158851809&frm=20&pv=2&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=385 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1d54684f3428f120f44d23461b902e9ddf98676035792dff73992c94e0d5ea77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Mon, 08 Nov 2021 21:30:21 GMT server cafe content-length 33480 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CFCB	90 KB 30 KB	881ms 592ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f58e5363487d8ca74fafcfefdf05e5d33b1c7ee76cfa32f07f0bd4adcc14dd6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Mon, 08 Nov 2021 21:30:21 GMT server cafe content-length 30714 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/1093/i/ Frame F3AB Redirect Chain https://dmg.digitaltarget.ru/1/1093/i/i?i=130407674425100.753078853274325&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:... https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.753078853274325&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC968...	49 B 602 B	62ms 61ms	Image image/gif	185.15.175.145 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.753078853274325&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Server 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:24 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 2 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Mon, 08 Nov 2021 21:30:24 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.753078853274325&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 0 Content-Length 0 X-Content-Type-Options nosniff
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/1093/i/ Frame F3AB Redirect Chain https://dmg.digitaltarget.ru/1/1093/i/i?i=130407674425100.458012132396403&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:... https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.458012132396403&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC968...	49 B 602 B	64ms 64ms	Image image/gif	185.15.175.145 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.458012132396403&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_noorient Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Server 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Mon, 08 Nov 2021 21:30:21 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 3 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Mon, 08 Nov 2021 21:30:21 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=130407674425100.458012132396403&a=77&e=0100007FEC9689611C07389902EC519B&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FEC9689611C07389902EC519B.sync:up.xdua:du2SsoAI4sSuES35gzBG5XDj.xps:xpsmfquo6BFqcOV7S24MCstwc.dn:acint__net.adcm:hit.tg:adcmjs_noorient X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 0 Content-Length 0 X-Content-Type-Options nosniff
GET H2	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/	148 KB 52 KB	39ms 38ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/reactive_library_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ec9374d1607258b5dd390988d8ace73af68262442b7e57870c09568896dbfae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53581 x-xss-protection 0 server cafe etag 15993489927635577036 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 08 Nov 2021 21:30:21 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 121 B	40ms 40ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-2339592383170032&eid=44754331%2C31060048 Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	40ms 40ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2339592383170032&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20211103_113518&sat=1636182784131&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.228&alldns=0.228&allp=41&fd=(0%2C10%2C0)%2C(1%2C0%2C0)%2C(2%2C1%2C0)&pgh=1228&su=winintro.ru&pvc=613223310341625&r=0.1&eid=44754331%2C31060048 Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	40ms 40ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-2339592383170032&eid=44754331%2C31060048 Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	317ms 16ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Nov 2021 21:30:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	317ms 16ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Nov 2021 21:30:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/ Frame 61E3	11 KB 5 KB	7ms 7ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 08 Nov 2021 18:47:31 GMT expires Mon, 22 Nov 2021 18:47:31 GMT content-type text/html; charset=UTF-8 etag 2948287274155451234 x-content-type-options nosniff content-encoding gzip server cafe content-length 4905 x-xss-protection 0 age 9770 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	adview googleads.g.doubleclick.net/pagead/ Frame 61E3	0 0	50ms 50ms	Fetch text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CpeOR7ZaJYcq-EtOV7_UP2c63OM3rpslj5c2b7PUNsJAfEAEgg4yKR2CV-vCBjAegAf2Q8_sCyAECqAMByAPJBKoE_gFP0BnJJHLG-dqzc1zt5F3X32jEPYlVXRZYPYKhtLbUfXV8-gdQzA-8S4X5V7UPT0li8jVa1PlIfVHX6XWDCJ2jOnRxdT2B_Ln3cRRth7HeKYGjK48eAuuVlMwzAI3RNW-ar4SDpMFVEqOWsU03Lqly82gW8lXxvdiJDw-hOfwrQTdUHZ_olG2C9ltTyaCx4zY_G5YTgYo0TMj-rL2Y39ZOIfNA_bIINdVs-1KWuHFqB0v5dSx0SGErFWofj4rN9YBmgHbP2ixKOHXIXGhMiB00sx11KzRyb-SuVIb_eMikX3OmoSI8p7QAZ0GpffDVLeQfLmdY8E11UzaCml9JqMAErp3PveEBkgUECAQYAZIFBAgFGASgBgKAB-vujIQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ8_8Y0ggJCIDhgBAQARhfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTIzMzk1OTIzODMxNzAwMzIYAA&sigh=qASNVyfffLY&uach_m=[UACH] Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Mon, 08 Nov 2021 21:30:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 61E3	19 KB 8 KB	34ms 7ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:26:06 GMT content-encoding gzip x-content-type-options nosniff age 255 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7933 x-xss-protection 0 server cafe etag 7671872550847203596 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:26:06 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 61E3	3 KB 2 KB	39ms 13ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:28:01 GMT content-encoding gzip x-content-type-options nosniff age 140 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1470 x-xss-protection 0 server cafe etag 9165589572046851897 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:28:01 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 61E3	120 KB 37 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37686 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1635939303405469" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 08 Nov 2021 21:30:21 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 61E3	15 KB 7 KB	33ms 8ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:24:58 GMT content-encoding gzip x-content-type-options nosniff age 323 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6619 x-xss-protection 0 server cafe etag 4215814365075848680 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:24:58 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 61E3	0 0	40ms 15ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRTY2KIAkPTN_HLzDx6RTWuM5Rm3UhIyIahxRsAbYg5P1zoxOz5P_AfwBIPWRbZOHkCKquoFy81grt7kHjxyfWqeYe3CA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	one_click_handler_one_afma_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 61E3	27 KB 11 KB	39ms 13ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 09:05:22 GMT content-encoding gzip x-content-type-options nosniff age 44699 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11538 x-xss-protection 0 server cafe etag 16299297374704173702 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 09:05:22 GMT
GET H2	200	10773321629758874711 tpc.googlesyndication.com/simgad/ Frame 61E3	14 KB 15 KB	39ms 15ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10773321629758874711?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm17qLwa0kJApr6bP5WA86CJGMPAg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash deb96e5ce200fe0a38236d428853ce8f471db34d1b3cf02e1246b0d165be8ac1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:12:24 GMT x-content-type-options nosniff age 1077 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14815 x-xss-protection 0 last-modified Tue, 22 Jan 2019 10:21:26 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 08 Nov 2022 21:12:24 GMT
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7A50	143 B 222 B	9ms 6ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Mon, 08 Nov 2021 20:37:38 GMT server cafe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 3163 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 0A31	1 KB 864 B	8ms 7ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 08 Nov 2021 18:26:41 GMT expires Tue, 09 Nov 2021 18:26:41 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 11020 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 61E3	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b5291cbd5c6aab5baeddbadcab5b6720554c0e26fa93fd5c75770e3461b7db68 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css fonts.googleapis.com/ Frame CFCB	3 KB 1 KB	40ms 17ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 08 Nov 2021 20:50:28 GMT server ESF date Mon, 08 Nov 2021 21:30:21 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Mon, 08 Nov 2021 21:30:21 GMT
GET H2	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CFCB	2 KB 991 B	309ms 7ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:11:29 GMT content-encoding gzip x-content-type-options nosniff age 1133 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 885 x-xss-protection 0 server cafe etag 638833322182864030 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:11:29 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame CFCB	19 KB 8 KB	305ms 8ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:26:06 GMT content-encoding gzip x-content-type-options nosniff age 256 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7933 x-xss-protection 0 server cafe etag 7671872550847203596 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:26:06 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CFCB	3 KB 1 KB	308ms 11ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:28:01 GMT content-encoding gzip x-content-type-options nosniff age 141 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1470 x-xss-protection 0 server cafe etag 9165589572046851897 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:28:01 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CFCB	120 KB 37 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37686 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1635939303405469" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 08 Nov 2021 21:30:21 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CFCB	15 KB 7 KB	306ms 10ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:24:58 GMT content-encoding gzip x-content-type-options nosniff age 324 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6619 x-xss-protection 0 server cafe etag 4215814365075848680 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 22 Nov 2021 21:24:58 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame CFCB	0 0	15ms 15ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQV2_gijAWosaZ5JujOwph1OuKD4LtlMiMn3qEpo9S0NR3WKPfKjz3bt7u_6uSZPSireOdR8cR5Ec0FzAHlv9YwbF0lfw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H2	200	5193475774055ccce470a7af02e48ef6.js Show response www.gstatic.com/mysidia/ Frame CFCB	27 KB 12 KB	33ms 8ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 05:32:03 GMT content-encoding gzip x-content-type-options nosniff age 575898 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11340 x-xss-protection 0 last-modified Thu, 28 Oct 2021 04:53:03 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Mon, 31 Jan 2022 05:32:03 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 0A31	35 B 463 B	36ms 9ms	Image image/gif	2620:116:800d:21:51e4:db4b:4436:b305 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEeCcjeVmujPlRq50_hJ56o&google_cver=1&google_push=AYg5qPJysGYnXk9G-bRWBXWSmLeZDXAgnJ4vplsvKmYHhbdNBl2IRWHQh517Bhjb2Fe57jahhgx8z3tTEJyOLgpyf8qgUsQP_7I Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0A31 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFjNM73XBKgstX6-5p5Snbc&google_cver=1&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s https://rtb.openx.net/sync/dds?google_gid=CAESEFjNM73XBKgstX6-5p5Snbc&google_cver=1&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s&google_hm=xz58CxfzyBEI5mslZqa72w==	170 B 188 B	18ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s&google_hm=xz58CxfzyBEI5mslZqa72w== Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJC8V2nNoenckFM8WjdhgPWpxyZvt2Oqqbvkn6cKIR5xK9qZObugwhF1r6z28iBh-mfsV4ah6U0mh5vTEvC8AivAHLcw6s&google_hm=xz58CxfzyBEI5mslZqa72w== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id 73kchibnf5cg4l9qllupeaovbi104mkk
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0A31 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJosTE8UZ0AbvMDkQREFR_9HXO8kCttRFckpdVxeIUKRzuH9k4-uwRHfkuVF74Ef6n-sdgQwIJ-yTdFcBgXSRiFyl-8Iqk Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJosTE8UZ0AbvMDkQREFR_9HXO8kCttRFckpdVxeIUKRzuH9k4-uwRHfkuVF74Ef6n-sdgQwIJ-yTdFcBgXSRiFyl-8Iqk date Mon, 08 Nov 2021 21:30:21 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0A31 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECfqrQbfWKlJ5PC3nAMFgWQ&google_cver=1&google_push=AYg5qPLE3yRjF6AXiPmWKkGjNIdnm_1cfz7MOJbVl19HVe6xkQBFtmRqedKHgXriUMngoPySk_5... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhONkctNC1KMzVZ&google_push=AYg5qPLE3yRjF6AXiPmWKkGjNIdnm_1cfz7MOJbVl19HVe6xkQBFtmRqedKHgXriUMngoPySk_5lYw8Zh0ZaQgdC-8jNcG2YOF8	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhONkctNC1KMzVZ&google_push=AYg5qPLE3yRjF6AXiPmWKkGjNIdnm_1cfz7MOJbVl19HVe6xkQBFtmRqedKHgXriUMngoPySk_5lYw8Zh0ZaQgdC-8jNcG2YOF8 Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhONkctNC1KMzVZ&google_push=AYg5qPLE3yRjF6AXiPmWKkGjNIdnm_1cfz7MOJbVl19HVe6xkQBFtmRqedKHgXriUMngoPySk_5lYw8Zh0ZaQgdC-8jNcG2YOF8 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 4cdacfaa68e4ab216fffbcc107c5b898 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 0A31 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtA...	0 0
GET H2	200	trk ag.innovid.com/ Frame 0A31	43 B 296 B	196ms 20ms	Image image/gif	2a05:d01c:1d8:8101:eec7:f742:88:31c AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESENs0T6n-rer48vsJiljeS44&google_cver=1&google_push=AYg5qPI3x1FSwIJc_rw_emfcnkejlcOmTrhsVxPyJQcFR3RA3PNdw5BUIl9TmzmmYp1kWQobYM1paaFkuF4YCJ9rHgGzpWk31w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8101:eec7:f742:88:31c London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT cache-control no-cache content-type image/gif content-length 43 request-time 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0A31 Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEN3amU2vDsbWBoz82hSJ9Nw&google_cver=1&google_push=AYg5qPJSuRHotrD4Swy0-5cy... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSuRHotrD4Swy0-5cyu3HheJ4sk-ACVOY3lYLBZTZFeHi6bID64eS8d37ThrmPUuKP_Vi8lyjdMkEdy1gf5xP2tyXNkkg&google_hm=	170 B 188 B	19ms 19ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSuRHotrD4Swy0-5cyu3HheJ4sk-ACVOY3lYLBZTZFeHi6bID64eS8d37ThrmPUuKP_Vi8lyjdMkEdy1gf5xP2tyXNkkg&google_hm= Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJSuRHotrD4Swy0-5cyu3HheJ4sk-ACVOY3lYLBZTZFeHi6bID64eS8d37ThrmPUuKP_Vi8lyjdMkEdy1gf5xP2tyXNkkg&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Sun, 07 Nov 2021 21:30:21 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 0A31	0 12 B	15ms 15ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8TaL0EDJfbYdImxwoW2Z1rNp8M2EGe2edY0Mw18SvPNNx3VFnIDvImsBhOILzJfq28ZDW2A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:21 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/2867706081783990145/ Frame CFCB	49 KB 49 KB	290ms 13ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2867706081783990145/downsize_200k_v1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48bea1b4a3c6e748bf176c106c697d16eeff0b4baf9dafd977c9779da781fe6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 03:52:21 GMT x-content-type-options nosniff age 409081 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50467 x-xss-protection 0 last-modified Wed, 09 Jan 2019 09:04:35 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 04 Nov 2022 03:52:21 GMT
GET DATA	200 OK	truncated / Frame CFCB	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	adview googleads.g.doubleclick.net/pagead/ Frame CFCB	0 0	49ms 49ms	Fetch text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cuyva7ZaJYd65ErbC7_UPlPmYmAOw84_IY6fSrrq3DLCQHxABIIOMikdglfrwgYwHoAH9kPP7AsgBCagDAcgDywSqBIECT9C0ESqn72b9FRg9YGzZst2BgeCGxUIEXhMheUdGsr2-FZy9uxIZgkEUKeLBuxcHOgVWI_HJYBG6m7qn6Cmk2VMP5iNRWeQugDVcVShRYWhhi9T6AtG1-DUpp4pIJPmS66WYd1khuiJStItWi7gyCZPxF2tHF4K-6dg8QYB6E-1JVMeXPyGunYsbqnvd_I4o-YpgSAjrjOtFbUZIE2-s20fEzaV4deNjGN8Q8qpk199KvnEn6OwJdzQVo9Pcd67mlD6PZtTpRlxnyVzKuTiV0d5yH-XYxuk4zfRg5L-cHbTjG_sbToHgle87qlzFwhEif6sHWy0MuOVFA5udtok4xbHABMvCo__yAZIFBAgEGAGSBQQIBRgEoAYugAfr7oyEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEIThxQHSCAkIgOGAEBABGF-ACgHICwG4E4gn2BMMiBQB0BUBgBcBshccChoIABIUcHViLTIzMzk1OTIzODMxNzAwMzIYAA&sigh=scuBZ0j32JI&uach_m=[UACH]&template_id=5000 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Mon, 08 Nov 2021 21:30:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7A50 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 173 B	77ms 76ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Mon, 08 Nov 2021 21:30:22 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 08 Nov 2021 21:30:22 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Mon, 08 Nov 2021 21:30:21 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response pagead2.googlesyndication.com/bg/ Frame 2341	35 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 19:22:17 GMT content-encoding br x-content-type-options nosniff age 7684 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13338 x-xss-protection 0 last-modified Fri, 29 Oct 2021 13:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 08 Nov 2022 19:22:17 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C84F	1 KB 788 B	8ms 8ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 08 Nov 2021 18:26:41 GMT expires Tue, 09 Nov 2021 18:26:41 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 11021 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame CFCB	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 724bfc4864d5283f6a9a1a9d66c97f49d8e85c9cf7124f15c88fa9cb738b3ae8 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame CFCB	21 KB 22 KB	32ms 8ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 22:45:31 GMT x-content-type-options nosniff age 341091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21660 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:07:18 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 04 Nov 2022 22:45:31 GMT
GET H2	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame CFCB	21 KB 21 KB	36ms 15ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 04 Nov 2021 22:11:08 GMT x-content-type-options nosniff age 343154 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21424 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:08:24 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 04 Nov 2022 22:11:08 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame C84F	35 B 210 B	11ms 10ms	Image image/gif	2620:116:800d:21:51e4:db4b:4436:b305 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEeCcjeVmujPlRq50_hJ56o&google_cver=1&google_push=AYg5qPL_iaC8PTdY2PSW3UM3GH1SPwRBTzp5HFP0AP8a6Fu8ghw44i4F8FvkS-4LSLenAnZykXAnq5z92--drlVgPhiP_eW1KKb2PQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 strict-transport-security max-age=86400 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame C84F Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLym5id... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLym5id... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDgyMTMwMjIwMDA1NTU1OTY2MDkyMg%3D%3D&google_push=AYg5qPLym5idS7yVvL8ryaOu0N62bMoCQvMt0-TIFDoqE-iqZ9ZHLW-r5DAzjw7ddVRSka...	170 B 188 B	18ms 18ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDgyMTMwMjIwMDA1NTU1OTY2MDkyMg%3D%3D&google_push=AYg5qPLym5idS7yVvL8ryaOu0N62bMoCQvMt0-TIFDoqE-iqZ9ZHLW-r5DAzjw7ddVRSkaGJ_MLBetCYNz0B3CiDevH6m-0WqbMd Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMDgyMTMwMjIwMDA1NTU1OTY2MDkyMg%3D%3D&google_push=AYg5qPLym5idS7yVvL8ryaOu0N62bMoCQvMt0-TIFDoqE-iqZ9ZHLW-r5DAzjw7ddVRSkaGJ_MLBetCYNz0B3CiDevH6m-0WqbMd pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Mon, 08 Nov 2021 21:30:22 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame C84F	43 B 324 B	33ms 15ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELST5O3yFkhvLkUAHp9EuwM&google_push=AYg5qPJAGQOGaTOfUiQRiauY23BeX1gp-4pmZ6kO-qCNv0RgYVvMUJUoa1GM1hyTb3UOtxeSjxXIOK2Dxj5S0XDtIv3AEl2USrZlTw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame C84F Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFjNM73XBKgstX6-5p5Snbc&google_cver=1&google_push=AYg5qPLTBEW7uxa5eK2ARV-wjvdJoaB-ZQuJRHTvUEpBRTXem7Nxz4Gvodj4bwg2G5fCJluJd9oNojeswRZJFEPShuuCrePRxOX4Eg https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLTBEW7uxa5eK2ARV-wjvdJoaB-ZQuJRHTvUEpBRTXem7Nxz4Gvodj4bwg2G5fCJluJd9oNojeswRZJFEPShuuCrePRxOX4Eg&google_hm=xz58CxfzyBEI5mslZqa72w==	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLTBEW7uxa5eK2ARV-wjvdJoaB-ZQuJRHTvUEpBRTXem7Nxz4Gvodj4bwg2G5fCJluJd9oNojeswRZJFEPShuuCrePRxOX4Eg&google_hm=xz58CxfzyBEI5mslZqa72w== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 08 Nov 2021 21:30:21 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLTBEW7uxa5eK2ARV-wjvdJoaB-ZQuJRHTvUEpBRTXem7Nxz4Gvodj4bwg2G5fCJluJd9oNojeswRZJFEPShuuCrePRxOX4Eg&google_hm=xz58CxfzyBEI5mslZqa72w== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id 08c6b4fo06k33p6a27im73ods36e1mo8
GET H3	200	pixel cm.g.doubleclick.net/ Frame C84F Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK9wbMXHVM3mXBJGLRxh04NuvboFzg0OATZvtSDUN9Ho6q0TNHsvEfcu03mvVeklxhu-yw_X8okrLbyWwTM5c8xbIV8LzppNQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7T7-O1mCTLuyDztYwbBTnA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK9wbMXHVM3mXBJGLRxh04NuvboFzg0OATZvtSDUN9Ho6q0TNHsvEfcu03mvVeklxhu-yw_X8okrLbyWwTM5c8xbIV8LzppNQ date Mon, 08 Nov 2021 21:30:21 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame C84F Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECfqrQbfWKlJ5PC3nAMFgWQ&google_cver=1&google_push=AYg5qPI0Dv1zpik4A7g-YYy6Wmd9TQBpb30nxKcu--iEy0HQb54Xqax7UHhdbViM3sndqqgMuZi... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhOR08tMTYtNFoxNg==&google_push=AYg5qPI0Dv1zpik4A7g-YYy6Wmd9TQBpb30nxKcu--iEy0HQb54Xqax7UHhdbViM3sndqqgMuZiZyUDUvI6EQn8SLf8M2Ivwhkw8aw	170 B 188 B	18ms 18ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhOR08tMTYtNFoxNg==&google_push=AYg5qPI0Dv1zpik4A7g-YYy6Wmd9TQBpb30nxKcu--iEy0HQb54Xqax7UHhdbViM3sndqqgMuZiZyUDUvI6EQn8SLf8M2Ivwhkw8aw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZSNkhOR08tMTYtNFoxNg==&google_push=AYg5qPI0Dv1zpik4A7g-YYy6Wmd9TQBpb30nxKcu--iEy0HQb54Xqax7UHhdbViM3sndqqgMuZiZyUDUvI6EQn8SLf8M2Ivwhkw8aw Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 4cdacfaa68e4ab216fffbcc107c5b898 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame C84F Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQ...	0 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame C84F	0 12 B	15ms 14ms	Image text/html	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYSuWv_yQT5V2txDbJh7EKXIhYi1WfUrPlLOCUPbcoiSj6r5DUlokxohKE8DI621BD9bJP Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:22 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response pagead2.googlesyndication.com/bg/ Frame 479E	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1636407020&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fadam.en%2Fhtml%2Fe153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636407020545&bpp=3&bdt=592&idt=389&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7869158851809&frm=20&pv=1&ga_vid=46077487.1636407021&ga_sid=1636407021&ga_hid=789490091&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=22&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44754331%2C31060048&oid=2&pvsid=613223310341625&pem=611&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k03VdKO05r&p=https%3A//winintro.ru&dtd=395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 19:22:17 GMT content-encoding br x-content-type-options nosniff age 7685 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13338 x-xss-protection 0 last-modified Fri, 29 Oct 2021 13:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 08 Nov 2022 19:22:17 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 61E3	42 B 497 B	73ms 50ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMCZPgACdcyGAW4qAL3CDVw-KXpkOZY1mw9voNYfvQt2pU3mKHCepfipkGIGiZidi9YjeUcicrUlGqEf3vkiwczM_swp-8K7BhKtXaTw4iXE_-ZYNmhmQjVEOLv3Ayy0OlEPURTHl971XD&sai=AMfl-YQ7ExTEGIR-YsHAyiHlTS7JdNH83IL_NmvF8yLi9NkO1yr_K9imNa1GTPoKDHgz6GhQ8dQfjUGzvJMa3fUDEwmrAGq9hs_RO8k&sig=Cg0ArKJSzGZSE78J-Ut8EAE&cid=CAASF-RoyPpyfSE6Isa6CsXuHE5fnOHaqWW3&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=84,763,1001,1091,1258&tos=84,679,238,90,167&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636407021684&rpt=140&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.acint.net/ping/	43 B 224 B	12ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/ping/?v=0.3.0&uid=a15970d8-54c0-451b-b552-e2bd9d72399c&dp=10&tz=%2B00%3A00&nc=64034278&dT=2021-11-08T21%3A30%3A23.098 Requested by Host: winintro.ru URL: https://winintro.ru/adam.en/html/e153d38c-6dfb-4ae4-8b39-d22fd4f79e79.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:23 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame CFCB	42 B 108 B	50ms 49ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5F3EXic5OhNQ60ctcYtrizbvNgPxeXndTdtC2-V5JWg0A30k66du07RamnHx2CjbfmPwJLv2cmGn2lqjbrA8O6SGvSpluFoYAwHm218a1pC365pXF2AxhDyB-S6QiNrd7HVLo-TB3NY-2&sai=AMfl-YRnb1pMF5IVm_3lZAn2ssGyjwFPZdlPd9wI8lEmZ4yRYBAOsVj2jjZC2v3Un6GE4Pzh0fIrGHISR-cCWN15nhVpmDY0tGpqp9g&sig=Cg0ArKJSzNn6JaIayllCEAE&cid=CAASF-Ro5v4SC4mhvZJyNxh3NuFeIwtIAMkB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1636916721&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636407020941&rpt=1377&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Mon, 08 Nov 2021 21:30:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	20ms 19ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 96252abe46e784f9d62eebc753592bf2d78ef090907bd819f3dd8a2f3fd35330 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Mon, 08 Nov 2021 21:30:24 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9235 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 21:30:24 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Mon, 08 Nov 2021 21:30:24 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5686	12 KB 5 KB	8ms 8ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Mon, 08 Nov 2021 20:02:57 GMT expires Tue, 08 Nov 2022 20:02:57 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 5247 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A9BA	783 B 1001 B	17ms 17ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5842dfe344a03354498a7ad4354ea85f1c3b2b0ab04abbf073b84c071b0db127 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-W7rH0q/jDKPg3Cll9utVKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Mon, 08 Nov 2021 21:30:24 GMT date Mon, 08 Nov 2021 21:30:24 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-W7rH0q/jDKPg3Cll9utVKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response pagead2.googlesyndication.com/bg/ Frame 5686	35 KB 13 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 19:22:17 GMT content-encoding br x-content-type-options nosniff age 7687 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13338 x-xss-protection 0 last-modified Fri, 29 Oct 2021 13:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 08 Nov 2022 19:22:17 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame A9BA	0 0	48ms 48ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=613223310341625&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY&google_push=AYg5qPIsqzdOmY0Dk3j6jyAoRkT4wKqn3Hh74BTw28HSF5-bUtAYYcw57gxHV_2izcy-jC3oEs-1BC1gTjaPTBQSp8BpfG64wtU&google_cver=1

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYmW7VJQeVCJSIfHgo34kAAABJcAAAAB&google_push=AYg5qPL3xjatf7K8d2K0hcF-8pbF4Cs6cjATH_eJv2gCVW2f4NwNwWlJXw09ZDxciedewLEerfAT_4jY5B60ENlUAQMSP3KpEJqVGw&google_cver=1&google_gid=CAESEFaiS7nfSviV8ACoau9oxeY