bauinvest.su Open in urlscan Pro
45.130.41.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bauinvest.su/
Submission: On November 23 via manual (November 23rd 2022, 8:26:10 pm UTC) from US — Scanned from DE

Summary HTTP 219 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 60 domains to perform 219 HTTP transactions. The main IP is 45.130.41.21, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is bauinvest.su.
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.

This is the only time bauinvest.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	45.130.41.21 45.130.41.21	198610 (BEGET-AS) (BEGET-AS)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
19 36	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
3 18	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 3	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 18	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
12	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1 23	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	193.3.184.228 193.3.184.228	50214 (QWARTA) (QWARTA)
1 1	193.3.184.210 193.3.184.210	50214 (QWARTA) (QWARTA)
3 4	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
1 2	3.248.125.109 3.248.125.109	16509 (AMAZON-02) (AMAZON-02)
1 3	54.77.23.81 54.77.23.81	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.148 185.15.175.148	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	52.211.148.182 52.211.148.182	16509 (AMAZON-02) (AMAZON-02)
1 1	176.9.79.218 176.9.79.218	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.78.249.201 80.78.249.201	197695 (AS-REG) (AS-REG)
1 1	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.149.30 91.192.149.30	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	217.66.147.33 217.66.147.33	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
2 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
2 2	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	188.72.107.228 188.72.107.228	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
24	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::28d 2a02:6b8::28d	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	2a02:6b8::487 2a02:6b8::487	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:41a8:104... 2001:41a8:104:3::8	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
4 10	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.182.139 35.157.182.139	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.203.81.208 23.203.81.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
219	42

14 45.130.41.21 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.quasar.beget.com

bauinvest.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a02:6b8:a::a (Moscow, Russian Federation) 19 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.184.228 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.210 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.34.64 (Odesa, Ukraine) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.125.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-125-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.23.81 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-23-81.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.148 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.148.182 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-148-182.eu-west-1.compute.amazonaws.com

euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.79.218 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.218.79.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.78.249.201 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.14 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.senders.chicle.media

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.33 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-33-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.86.150 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.16.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr06.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.228 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr04.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::28d (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

log.strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::487 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41a8:104:3::8 (Italy)

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)

ext-strm-itt06.strm.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.182.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.81.208 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	yandex.ru 22 redirects yandex.ru — Cisco Umbrella Rank: 1530 mc.yandex.ru — Cisco Umbrella Rank: 3347 an.yandex.ru — Cisco Umbrella Rank: 3506 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 23193 log.strm.yandex.ru — Cisco Umbrella Rank: 17995 strm.yandex.ru — Cisco Umbrella Rank: 15897	291 KB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	432 KB
29	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 ad.doubleclick.net — Cisco Umbrella Rank: 168	119 KB
15	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9222	4 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 23672 ad4m.at — Cisco Umbrella Rank: 8597 assets.ad4m.at — Cisco Umbrella Rank: 32089	377 KB
14	bauinvest.su bauinvest.su	192 KB
12	yastatic.net yastatic.net — Cisco Umbrella Rank: 6220	407 KB
12	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	127 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 7898 www.google.de — Cisco Umbrella Rank: 5405	2 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2351 euw-ice.360yield.com — Cisco Umbrella Rank: 11247	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	4 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1560	3 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 860 www.googleadservices.com — Cisco Umbrella Rank: 159	17 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	142 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 33022 tech.rtb.mts.ru — Cisco Umbrella Rank: 40413	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 24931	1 KB
3	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7287 ext-strm-itt06.strm.yandex.net — Cisco Umbrella Rank: 166317	848 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 8545	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70695	636 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73623	441 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 681	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 83407 static-de.ad4mat.net — Cisco Umbrella Rank: 115873	4 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 63863 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 64351	837 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13776	1 KB
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 32298	1 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 10799	1023 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 22572	402 B
2	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 56634	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 8764	506 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 15435	813 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 22350	1 KB
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 27770	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 189	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 55420	638 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13556	696 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 91452	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 78147	1 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 314	456 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1486	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 932	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 587	758 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 649	464 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 16174	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3593	390 B
1	magnitent.com sync.magnitent.com — Cisco Umbrella Rank: 224722	675 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 178023	335 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11151	205 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 62935	836 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 39214	244 B
1	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 22683	371 B
1	kimberlite.io 1 redirects kimberlite.io — Cisco Umbrella Rank: 37883	421 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 19733	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 64621	387 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1791	467 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 14537	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 29363	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 60408	317 B
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
219	60

	Domain	Requested by
36	yandex.ru	19 redirects bauinvest.su yandex.ru yastatic.net
24	tpc.googlesyndication.com	googleads.g.doubleclick.net bauinvest.su tpc.googlesyndication.com pagead2.googlesyndication.com
23	an.yandex.ru	1 redirects yandex.ru bauinvest.su
17	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com bauinvest.su googleads.g.doubleclick.net www.googleadservices.com
15	mc.yandex.com	2 redirects bauinvest.su mc.yandex.ru
14	bauinvest.su	bauinvest.su
13	pagead2.googlesyndication.com	bauinvest.su pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	yastatic.net	yandex.ru bauinvest.su yastatic.net
10	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
8	cm.g.doubleclick.net	bauinvest.su googleads.g.doubleclick.net
6	www.google.de
6	assets.ad4m.at	as.ad4m.at
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	bauinvest.su pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	ads.betweendigital.com	3 redirects bauinvest.su
3	www.googleadservices.com	2 redirects yastatic.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	match.360yield.com	1 redirects bauinvest.su
3	acint.net	3 redirects
3	counter.yadro.ru	2 redirects bauinvest.su
3	mc.yandex.ru	1 redirects bauinvest.su yastatic.net
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	log.strm.yandex.ru	yastatic.net
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.1dmp.io	2 redirects
2	ssp.adriver.ru	bauinvest.su
2	sonar.semantiqo.com	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	bauinvest.su
2	dpm.demdex.net	1 redirects bauinvest.su
2	avatars.mds.yandex.net	bauinvest.su
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	ext-strm-itt06.strm.yandex.net	bauinvest.su
1	strm.yandex.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.dmp.otm-r.com	bauinvest.su
1	sync.bumlam.com	bauinvest.su
1	sync.magnitent.com
1	cdn3.caltat.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai	bauinvest.su
1	profile.ssp.rambler.ru	1 redirects
1	nr.bidderstack.com	1 redirects
1	kimberlite.io	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	bauinvest.su
1	im.bluevoox.com	bauinvest.su
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	bauinvest.su
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	mitdmp.whiteboxdigital.ru Failed	bauinvest.su
219	79

This site contains links to these domains. Also see Links.

Domain
templatelens.com
wordpress.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
bauinvest.su R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.bumlam.com R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
log.strm.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-08-01` - `2022-12-29`	5 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://bauinvest.su/
Frame ID: 18C19E4901EDF5F9D19C9C9C862DCCEF
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: A79D31F66F7C211DF489805A3450A9A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&adk=1812271804&adf=3025194257&lmt=1669235158&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fbauinvest.su%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235158674&bpp=4&bdt=340&idt=105&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1477886592169&frm=20&pv=2&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130
Frame ID: C42FAD1592599A24C98C70EA5171566B
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 069F8AF126089E1A886D7E4B4B00D337
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24
Frame ID: 75C6825137934EF14C38BB375B51C7C4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 039676A073484AD2D27D67DD822D51FA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: D2A7191C00B155BF97FEFEB3747C1860
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html
Frame ID: FDCF8C30A725487C2A3DBBA25A3BBBF2
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3FEF6508460D4C2780D16726A081B536
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1knzcvr9q1cj5k3374snewwcnwwfkdsp7m2jr8779tkv2azpdet8saq9bqsk22h51c1pzq2yjkz5pr41czcpk2kbmja7fgnz9e17f8696f611x4m28s4tfsf5ve71b7h5smhhb20tw6h5n0ej78pct9ehgcnggkqk3j7gnfctnzvtdf3hc8c9pwqg9yhf40cpwv1ns3gxpx48z51rm5hv1zyc60w4y8g8asghfkt0zfpkjw2zhgn4da2bga4x06tjh2jxkhh8cw3mqzhts9vmg72bmv651xnqm8cf7nwt99naes6n6x5gzsrsj0mavmw265gj61je14c01jwz5sxnn02wd84hxd17ajnbfhhct5nkybsjbcnk98gyr7nk04hf043whaw3hn0hm9m7xrhfnajvtbn1c8kzx3kzbqgp0xbk8sxq59ep&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%26client%3Dca-pub-1640993118923883%26adurl%3D
Frame ID: F24892190A79D0C7BAF0DF278E91BAA2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4481AC4A69D43777B6EBC1C665464E2C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 66375AE38BF04420384155C8C1E031FF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BE692FAE272B14038518ED2F046DBD1D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 45C0D6F854D81769F27CC283DA9CAC66
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 858F075690836A884E1E2051D07FC665
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E022E062761430CFF6A262EB27E4109
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1001282BC72530D42D188FBB59F0BA9C
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Frame ID: B1DB2445F4302C34D848C082CFBACB8B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сетевое администрирование

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

219
Requests

79 %
HTTPS

36 %
IPv6

60
Domains

79
Subdomains

42
IPs

10
Countries

2967 kB
Transfer

6591 kB
Size

87
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://templatelens.com/
Title: TemplateLens

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//bauinvest.su/;h%u0421%u0435%u0442%u0435%u0432%u043E%u0435%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435;0.3743059790397514 HTTP 302
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bauinvest.su/;h%u0421%u0435%u0442%u0435%u0432%u043E%u0435%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435;0.3743059790397514

Request Chain 29

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9831.EUSkSp64asrr9SzCV2ca1HNGaOOymH8UnlarTc1gZAJP9SDzKvwVIXNS-JBvJsMl.Og_0cDl9gh_EuL0t002OtD1cnLk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9831.n-Buxu7EAU16ut0SIgP5P8HBORjqJuoYwwsuSfQNwLfMggWj86m4utYO1lCZ0W62aPKxw-5F9DYZhEaPiiqOlA%2C%2C.eyZ85jBL6zGEo15XBSCImNqjsN4%2C

Request Chain 37

https://mc.yandex.com/watch/86337058?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1478740743171%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202558%3Aet%3A1669235159%3Ac%3A1%3Arn%3A624348880%3Arqn%3A1%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A484%2C155%2C337%2C3%2C0%2C0%2C%2C253%2C13%2C%2C%2C%2C1233%3Acpf%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235159%3At%3A%D0%A1%D0%B5%D1%82%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/86337058/1?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1478740743171%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202558%3Aet%3A1669235159%3Ac%3A1%3Arn%3A624348880%3Arqn%3A1%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A484%2C155%2C337%2C3%2C0%2C0%2C%2C253%2C13%2C%2C%2C%2C1233%3Acpf%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235159%3At%3A%D0%A1%D0%B5%D1%82%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 66

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/aef69e38d084d8333f3302

Request Chain 67

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2103420AD8817E631E00EB9C02C72F20&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/1503420AD8817E637A02502B02D1F51E

Request Chain 68

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/84f1281a-75fb-5247-bfbe-2050dcc0a188

Request Chain 69

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://yandex.ru/an/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=967BB5C4515C8275 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=967BB5C4515C8275

Request Chain 70

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://yandex.ru/an/mapuid/azerionis/?redir-setuniq=1 HTTP 302
https://match.360yield.com/match?external_user_id=2DD64DB2D56E836D&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=2DD64DB2D56E836D&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 71

https://yandex.ru/an/mapuid/behaviorx/ HTTP 302
https://yandex.ru/an/mapuid/behaviorx/?redir-setuniq=1

Request Chain 72

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://yandex.ru/an/mapuid/betweenx/?redir-setuniq=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=12B5A25190853CBF HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=12B5A25190853CBF&crf=1

Request Chain 73

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://yandex.ru/an/mapuid/blueseaxcom/?redir-setuniq=1 HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D10E2666956141AF

Request Chain 74

https://yandex.ru/an/mapuid/eplanningrtb/ HTTP 302
https://yandex.ru/an/mapuid/eplanningrtb/?redir-setuniq=1

Request Chain 75

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 76

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 77

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 78

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://yandex.ru/an/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=EB22DC65802AC64A

Request Chain 79

https://yandex.ru/an/mapuid/xapadsssp/ HTTP 302
https://yandex.ru/an/mapuid/xapadsssp/?redir-setuniq=1

Request Chain 80

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/2f8391bf1be737c2de3e962a3ff426385790b2bda17ef3c08e74ae0724dd4290

Request Chain 83

https://dmg.digitaltarget.ru/1/119/i/i?i=1669235159 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1669235160627&i=1669235159 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/yIN-Re4IxLCSOAx7qfno

Request Chain 84

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/7c799ef9-8545-4cef-9009-82b00afaae0c HTTP 302
https://match.360yield.com/match?external_user_id=7c799ef9-8545-4cef-9009-82b00afaae0c&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 85

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/a5ec598d-6d02-46b0-75f0-1544f997e40c

Request Chain 86

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://an.yandex.ru/mapuid/soltadspis/Y36B19CoHlw

Request Chain 88

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/cfad6c21-45f1-4657-8afe-73a60a7a2cda

Request Chain 89

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 90

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/uMm4hHRqR8T6.AikABlGEpis4FA

Request Chain 91

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=3037127699 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/NkMoCIeHTK.rqNyxwza/i.

Request Chain 93

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/rgwdTNX5w3C5nxbPm3HQ

Request Chain 94

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=99ba541c-8ec3-462d-a53b-d2cfb29d9ef4&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F99ba541c-8ec3-462d-a53b-d2cfb29d9ef4 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/99ba541c-8ec3-462d-a53b-d2cfb29d9ef4

Request Chain 95

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=6d74b238c1c44ae6ab9b2e793a37a78c HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=CAB2A17849AEC067&sid=6d74b238c1c44ae6ab9b2e793a37a78c HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=6d74b238c1c44ae6ab9b2e793a37a78c&spid=CAB2A17849AEC067&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=7e33f2b5473f4fbda78c0e5efecbf973&sonar=6d74b238c1c44ae6ab9b2e793a37a78c&spid=CAB2A17849AEC067&v=

Request Chain 98

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/0bedbb11-6b6d-11ed-8677-901b0e934d81?sign=1810341407

Request Chain 101

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/04818ac9-cc1b-4a88-891f-d600095315a6

Request Chain 102

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/eU8nD65HpcLclmSIY7%2FYKQ?sign=1203148899

Request Chain 103

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/lfvOCNNEjqXl?sign=3760732566

Request Chain 104

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/qO8xrrCuPtbW

Request Chain 120

https://strm.yandex.ru/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/VP8_640_360_900.webm?vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159 HTTP 302
https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/VP8_640_360_900.webm?vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&noredir=1&lid=1529

Request Chain 130

https://d.agkn.com/pixel/2175/?google_gid=CAESEBQFLTNPo5CUiFsjXvUe6ZQ&google_cver=1&google_push=ASkJ3FYbskreplGLoAt46cHFvs7zBp1QtaNI3EZfKJZHy1_dxk7eKazPYl-rZfcRnZopHasvO2MzXofg6xVkzAFtuP9LovsWErQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYbskreplGLoAt46cHFvs7zBp1QtaNI3EZfKJZHy1_dxk7eKazPYl-rZfcRnZopHasvO2MzXofg6xVkzAFtuP9LovsWErQ&google_hm=Q0FFU0VCUUZMVE5QbzVDVWlGc2pYdlVlNlpR

Request Chain 133

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOyXPzmi4MjWufwV7AU3PQE&google_cver=1&google_push=ASkJ3FYltC22BCRxUOyDIMlgVhrt7pSY_iDRSaVAQH8Ptnr8tlvU9fMv3XONb34d3FQdBcpT3AmHn35RAs2mFu3S_DeybuKhJLs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOyXPzmi4MjWufwV7AU3PQE&google_cver=1&google_push=ASkJ3FYltC22BCRxUOyDIMlgVhrt7pSY_iDRSaVAQH8Ptnr8tlvU9fMv3XONb34d3FQdBcpT3AmHn35RAs2mFu3S_DeybuKhJLs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FKLElCiHQ5e0CzvMGdHmVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYltC22BCRxUOyDIMlgVhrt7pSY_iDRSaVAQH8Ptnr8tlvU9fMv3XONb34d3FQdBcpT3AmHn35RAs2mFu3S_DeybuKhJLs

Request Chain 134

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGCMQbd_Jjv-uXQwkpU6MnQ&google_cver=1&google_push=ASkJ3FbeZKjxK5DeR9b5LaC7YtoMPKCOY8E4n6BBWWmYyK9X5kXVHxE92e12VLTkFfcg0bMjrVxD5umeot_pTYQRG5-FL8QC8Sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVM0lMNlAtVS1OOE4=&google_push=ASkJ3FbeZKjxK5DeR9b5LaC7YtoMPKCOY8E4n6BBWWmYyK9X5kXVHxE92e12VLTkFfcg0bMjrVxD5umeot_pTYQRG5-FL8QC8Sc

Request Chain 135

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_cver=1&google_push=ASkJ3FbCeuEt-Ed8HcI99hjTg9_XJU-54OHGpIz8GMNXjN8l1RthbX2YNQTKWryH06AZkhiyg2LIpk2p1q-scmdl8s-aly4BSm0 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_push=ASkJ3FbCeuEt-Ed8HcI99hjTg9_XJU-54OHGpIz8GMNXjN8l1RthbX2YNQTKWryH06AZkhiyg2LIpk2p1q-scmdl8s-aly4BSm0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_hm=Y36B2ANfGvynJ_UQj1gxsQAABMQAAAIB&google_nid=index&google_push=ASkJ3FbCeuEt-Ed8HcI99hjTg9_XJU-54OHGpIz8GMNXjN8l1RthbX2YNQTKWryH06AZkhiyg2LIpk2p1q-scmdl8s-aly4BSm0

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNeX-saRxfsCFVGK_QcdlnMJjw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 182

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COua-saRxfsCFUFW4AodOQUJDA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112321260278820881863X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 185

https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneid9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hdoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1669235161_0c37bc60-6b6d-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 188

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2YF-Y7uNPPHJmLAP0OK7wAY&random=1107656558&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1107656558&crd=&is_vtc=1&random=1120587655 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1107656558&crd=&is_vtc=1&random=1120587655&ipr=y

Request Chain 189

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2YF-Y_qPPLXVmLAPi4uugAM&random=2109742096&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2109742096&crd=&is_vtc=1&random=1821092731 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2109742096&crd=&is_vtc=1&random=1821092731&ipr=y

219 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bauinvest.su/ 97 KB
27 KB 976ms
337ms Document
text/html 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.1.33
Resource Hash: 401de6f106bbeea4555dfe05a50e1d5ad2500c037a4f098eff279d12cd39a55b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 20:25:58 GMT
link: <https://bauinvest.su/wp-json/>; rel="https://api.w.org/"
server: nginx-reuseport/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/7.1.33

GET
H2 200 style.min.css
bauinvest.su/wp-includes/css/dist/block-library/ 53 KB
8 KB 89ms
78ms Stylesheet
text/css 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 13:50:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5ee15-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 bootstrap-custom.css
bauinvest.su/wp-content/themes/allium/css/ 31 KB
3 KB 89ms
77ms Stylesheet
text/css 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/css/bootstrap-custom.css?ver=5.5.11
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3b8e92f7fca6451069a3ffd853597ad9c7ccc075bcf1bb326ec866579cf5e0cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-7d3b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 fontawesome-all.css
bauinvest.su/wp-content/themes/allium/css/ 66 KB
12 KB 89ms
77ms Stylesheet
text/css 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/css/fontawesome-all.css?ver=5.5.11
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 054175fd1241944b5b6cc8aa44aa51904aaa24617a9d866478f10344ac818901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-10733"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 84ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4480cf4143094a283f0f8410158bba81ea7a95d60a8e5f9753ff29d36d1ad11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 20:25:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 20:25:58 GMT

GET
H2 200 style.css
bauinvest.su/wp-content/themes/allium/ 79 KB
14 KB 87ms
78ms Stylesheet
text/css 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/style.css?ver=5.5.11
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9335e718fbdc357cb13cf4082e08d2ab7556950e73cfdddf2ba61c3312a27678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Sun, 27 Dec 2020 10:33:06 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe862e2-13b40"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 jquery.js Show response
bauinvest.su/wp-includes/js/jquery/ 95 KB
33 KB 87ms
78ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 13:50:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5ee15-17a69"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 111ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d79741619059cd22aa195bf5a5c87246b51b51e31aa1d08511d13eb2d6bfddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49332
x-xss-protection: 0
server: cafe
etag: 8906621446977090826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:25:58 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 428 KB
116 KB 230ms
82ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bf8c81c641ae05099a8851a4159922bbe89d6290cd3cc30292a9b0017aac5eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1669235158703612-5063642444973545630-sas2-0288-sas-l7-balancer-8080-BAL-5032
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 23 Nov 2022 21:25:58 GMT

GET
H2 200 enquire.js Show response
bauinvest.su/wp-content/themes/allium/js/ 10 KB
3 KB 87ms
79ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/js/enquire.js?ver=2.1.6
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6a9ffd212b49ebb3c4972bf0596b49e6e82d8df757a3a989d4cff99b20d64526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-2687"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 fitvids.js Show response
bauinvest.su/wp-content/themes/allium/js/ 3 KB
2 KB 87ms
79ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/js/fitvids.js?ver=1.1
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-d16"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 hover-intent.js Show response
bauinvest.su/wp-content/themes/allium/js/ 5 KB
2 KB 87ms
80ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/js/hover-intent.js?ver=r7
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6448707333e2cd315212bb14e3ec42b201f2a08cc7bf8aad63de93149dd86479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-134b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 superfish.js Show response
bauinvest.su/wp-content/themes/allium/js/ 7 KB
3 KB 86ms
80ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/js/superfish.js?ver=1.7.10
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5c94aadfbe04dda0b0b5e2caa901efbab78ea6092ca3fa63d849c7e66688269f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-1dba"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 custom.js Show response
bauinvest.su/wp-content/themes/allium/js/ 5 KB
2 KB 86ms
81ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/js/custom.js?ver=1.0
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 526de1df499ec6af5ca31bddf53c5582c5b23dd9c77bf22e9d3c36ab3c4c2b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fe5f1b0-1333"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 wp-embed.min.js Show response
bauinvest.su/wp-includes/js/ 1 KB
970 B 160ms
155ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-includes/js/wp-embed.min.js?ver=5.5.11
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 05:35:35 GMT
server: nginx-reuseport/1.21.1
etag: W/"6077d0a7-592"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 wp-emoji-release.min.js Show response
bauinvest.su/wp-includes/js/ 14 KB
5 KB 79ms
78ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 05:35:35 GMT
server: nginx-reuseport/1.21.1
etag: W/"6077d0a7-3795"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Wed, 30 Nov 2022 20:25:58 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 273ms
125ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
etag: "637b3777-11e96"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73366
expires: Wed, 23 Nov 2022 21:25:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 82ms
34ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 175768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 19:36:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 64ms
16ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:23:47 GMT
x-content-type-options: nosniff
age: 131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:23:47 GMT

GET
H2 200 fa-solid-900.woff2
bauinvest.su/wp-content/themes/allium/webfonts/ 77 KB
78 KB 79ms
79ms Font
application/font-woff2 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bauinvest.su/wp-content/themes/allium/webfonts/fa-solid-900.woff2
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/wp-content/themes/allium/css/fontawesome-all.css?ver=5.5.11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://bauinvest.su/wp-content/themes/allium/css/fontawesome-all.css?ver=5.5.11
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
last-modified: Fri, 25 Dec 2020 14:05:36 GMT
server: nginx-reuseport/1.21.1
etag: "5fe5f1b0-134fc"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79100
expires: Fri, 23 Dec 2022 20:25:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 55ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 186066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 69ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 12:01:13 GMT
x-content-type-options: nosniff
age: 548685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 12:01:13 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//bauinvest.su/;h%u0421%u0435%u0442%u0435%u0432%u043E%u0435%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0438%u0440%u043E%u0...
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bauinvest.su/;h%u0421%u0435%u0442%u0435%u0432%u043E%u0435%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0438%u0440%u043E%...

119 B
605 B

62ms
62ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bauinvest.su/;h%u0421%u0435%u0442%u0435%u0432%u043E%u0435%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435;0.3743059790397514

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

6e8683af9a1562be54a15204a33238e1d04f7dea2760248a36cca6c88c619165

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 20:25:58 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 119
Expires: Mon, 22 Nov 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 20:25:58 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bauinvest.su/;h%u0421%u0435%u0442%u0435%u0432%u043E%u0435%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435;0.3743059790397514
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 22 Nov 2021 21:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640993118923883&plah=bauinvest.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd3cb76f65fb4683764319c66dfd9817da56f820f4abfd220246ac3de848aeb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119612
x-xss-protection: 0
server: cafe
etag: 1076481122310488034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:25:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame A79D 10 KB
5 KB 60ms
16ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:43:54 GMT
etag: 10353107486223812946
expires: Wed, 07 Dec 2022 10:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
698 B 132ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bauinvest.su&callback=_gfp_s_&client=ca-pub-1640993118923883&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640993118923883&plah=bauinvest.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c00ac380900e94b176e5391058c3a3a65b297c77f084e6a02ac1966bc8de302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 94ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bauinvest.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 75ms
27ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bauinvest.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C42F 331 KB
87 KB 557ms
515ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&adk=1812271804&adf=3025194257&lmt=1669235158&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fbauinvest.su%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&aspe=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235158674&bpp=4&bdt=340&idt=105&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1477886592169&frm=20&pv=2&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=130

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ea7295f5d44ae75e7f1628d20e59e496751192d59bd9e74a24ba191cd994324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 88464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:25:59 GMT
expires: Wed, 23 Nov 2022 20:25:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9831.EUSkSp64asrr9SzCV2ca1HNGaOOymH8UnlarTc1gZAJP9SDzKvwVIXNS-JBvJsMl.Og_0cDl9gh_EuL0t002OtD1cnLk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9831.n-Buxu7EAU16ut0SIgP5P8HBORjqJuoYwwsuSfQNwLfMggWj86m4utYO1lCZ0W62aPKxw-5F9DYZhEaPiiqOlA%2C%2C.eyZ85jBL6zGEo15XBSCImNqjsN4%2C

75 B
75 B

74ms
74ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9831.n-Buxu7EAU16ut0SIgP5P8HBORjqJuoYwwsuSfQNwLfMggWj86m4utYO1lCZ0W62aPKxw-5F9DYZhEaPiiqOlA%2C%2C.eyZ85jBL6zGEo15XBSCImNqjsN4%2C

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9831.n-Buxu7EAU16ut0SIgP5P8HBORjqJuoYwwsuSfQNwLfMggWj86m4utYO1lCZ0W62aPKxw-5F9DYZhEaPiiqOlA%2C%2C.eyZ85jBL6zGEo15XBSCImNqjsN4%2C
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 72ms
71ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
etag: "637b3777-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Nov 2022 21:25:58 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/684733/ 14 KB
5 KB 262ms
133ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/684733/3521127290410543dbe9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b726bc83cc8c5dfe31969086178144a65e10fec80a565829fd98a0fa73f72bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4801
last-modified: Tue, 22 Nov 2022 14:45:07 GMT
server: nginx/1.17.9
etag: "0950bae760e5db4156eb2c959ff9e5db"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 03:01:54 GMT

GET
H2 200 b21c17b4c9f5e197892e.js Show response
yastatic.net/partner-code-bundles/684733/ 107 KB
23 KB 289ms
162ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/684733/b21c17b4c9f5e197892e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

47a56c90157ce2e0292668f6294a3a74c48ba37a7d457a2a57b1f3641e0e3299

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23462
last-modified: Tue, 22 Nov 2022 14:45:07 GMT
server: nginx/1.17.9
etag: "62b51513dfead878adf5e82b4d748b1a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 03:01:54 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 308ms
182ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 03:00:55 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 224ms
111ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: d3e497a2994e2d9a
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 02:14:21 GMT

GET
H2 200 1615716 Show response
yandex.ru/ads/meta/ 125 KB
33 KB 235ms
234ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1615716?target-ref=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C79%3B677435%2C0%2C32%3B684465%2C0%2C19%3B672577%2C0%2C12%3B679612%2C0%2C66%3B679028%2C0%2C57%3B685414%2C0%2C61&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uubtQlb5RE2VxLpJaknLhFQbiNNxsgSRdpUrRb9N93KMmJpDh0jfWbnficGc3lzIx%2BzOiccUF0RaUkuc6xwrrGAldSF1zoFc0J15TpjFcpn529%2FzH7url53M7OZttv%2F8zezB62Xx7oJXxFiRMgNPv54c1shaUW5M%2BGSKVXFa51IXilcS5HeCUaMiQI3ciLnZaAMJyWZGIcPhSUUUXAv2wpF1zpc6oWvFEag%2B9K2rwLEQpj%2F2jyUzDjstS14HmTKfnSzHHUBCiPzMuAxOQFbJ5DKnSJU1K2VECSYsaIsGcn9P0gamlyrhnviFZEKJrhUtOVThulOLOTQIajeEoCWCBZHnIg8t0k6LBUdoGG51GmyBSeH8LGTrLHLilJRZg6UJiAdrsIylxX%2BEITLKSuicgAO4J6zhgY%2BF74HHrVeU2EpJNAQYacMB5h48CJ0TD3cgmZWmFBMVPTGiuaspSZIIRpxZtsYS2IOHCDX2cuOdQIzk%2FBiPOCX%2FTFBt9rPCenc3RE3v7vdNzvCDsdWS1IRZvqhCl6Tn5O5FLx%2BnTca3zqWOakwE1p170XhIycd6RtFemS4xyyXJd4PVGNF0zIS7rGbxjtYUb0cDUK0sP943YAC7zYT7pR1Eh4HNmq5AQztTUAgYvSpIOnkojV1MW7zceb7Qjph17SaWtBL2AUM70gdL5Qmim7yQD5idsC15jl5EKLRue8wtRar8iJPD98spcKvgRnwZaeC2rtdORGKA73GtSgykrQ1Ar3XCfsNBxaymsrF%2BZsDoOWVgfUAEFN9OtBi90NgZQLk1SBc9rI336RYY2N353DMKDP8do641HgR32c86KG3UbWnEFhKFoR2D8mI8BxxtjA8btnrjOeE2gDgDJrA6AAAU1fSkbWBDG1u7OnyYW1LMBkFHkv4bQwzXNuRhGxK9prDDsHVrhsRtnynf3oEkYl05XZMHs9GAdrZBQ5Th%2FlWlAuqFrrdA36Qc5rLuwBC6Ow771dXeRUkEzpTFoFAiVuFA8qkkqdYSFg%2FcNZNt0MJiqBEh%2B57gjbVrF82ktrnOeUze0kAQo6zzPeMAWlrNY10b7d6yCO0CA9lcggTpKmtISo2c0lUfgqUnOQ6RKWsQPWdxwVKDntZy4IbEHhhKDmIQqc2bs5ib0oGvgxHNyww5hCNfKewppsOkYJXpYHtN7xYN1qKecCp579t1CizvNvtaTvRv4i13Nsv9%2FT%2BS56BbErjgVpx48gMKXh6rL65yIv7NBm9AlSgOYsYO7NaWbHxX4vsBC0gorKdJAgbDf3YPlI7RIfgkZ77qiVYAYKqGuY5dmCQD4GC4eU9mXDTdyg82cAwnVtHmUOrWEHe26CRp4sqGof48iVx488b3RHZXWlK5JTrIEEK7pqh7ydI%2FHH12lWZ%2F%2BbY%2F9udOSVGCAnDEdhkhUWSsMB3hBDfihJKAzDLs4lfrdutyvdzqoh6sfsr%2B3Dp7%2Brzf3V9V1f7befP17fbOWnzc313dXszPs5OhiR0y81Q3dgdOm0NF1dwvgdGng%2Fu91c37y9fwTfvm%2FuLrff4PPv17ebq%2B2X0Z%2BuNrftXy7%2F3d51P998vX743H28ffv05cN%2Bb9qrcSHM9TqOPgHdF0YBKYP5RmGHKw9EPnKjXnHMmthLWInZvDl02sBCEXeHcGbeD3DW9yguzASghcAV6dZce7NGcRImTx4UggJNudYdnratdgQ%2BXb4QwheIMPH7jh4gjn1ZFEZJ4ERPLLAl5IbBfhTBWRC6U8tdC9pteZ7TZal%2F1yXXTC2Ioln3dqqdt%2B07L6IOvoSAk343eGW%2BnO724GIArTS%2BZYK%2BuSj7w2wkA%2B16Hmxm5GWLhi2Pj6SH%2BkE6Kef2clHrcrCPwBAhByo6AdWd6rW5Cvbq7KeHmwna8eLnVXdPdCLfn9xnsJQD4ud%2FtlEEQw%3D%3D&pcode-icookie=75pnuYIJIxQMGLdpi6tP0gs%2BkftkYiYq261zF%2B8GCdRf7sLalfG1gKgOzTSUFuA4Btv92WacmsO5o2xSyksTHxFiYPw%3D&duid=MTY2OTIzNTE1OTc4MjQ4NzgwNA%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=385378825535490&ad-session-id=169841669235159033&target-id=98356958&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&pcode-version=684733&pcodever=684733&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A116%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=4364&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2OTZ9ChLkJJEkuQlCoM4vTJuktWPZeii6iH7RT5cvn6xfcPraLunkduu31XEM6ySK0Y-VXCaiX6eTZZnQFyz9a5M6TZvUP4H-BvQE2oTRzLytXeukcUjJb_g0G6MxY8aMEYwXeFA8kUvmiTyxx_NE3fM9fA_HE3rYntAld8lcuA8A7ouKX_glPRG4Osyw7s8Y6GfO6y75S69wfwjfE-x7JDG8VKHIO-IoDeVgPRdEQR6pYjXC7uE9X0gu6TMUPOzT1F3Ynn80e9gusYfbPcne7Ovv3JPof7ToxYi6B3XYdR1998QdlDRRxZThQf7B0Ob13oV7jMwZWpgD9kktOTI-iRolR0Df478sHthWyO6C-HC4D82zU_NwJ_aSfOt2b9v_EtLKEjyQ_0fjNJk_De7fiX_nHQ2-S_rfRQf7pwJemqiDNE6Q5GGQRYb_vaKiI7ML88i7-P8yv7h_KNh9_n179xJn-LqEffdC5gmPTNA93tNDvng72Ml3fuLPKS6xS3Lk4j19OC5xByONMuoY_rMAQhxTKbL-DCWViUs4WEi-oyzsHsAfbjc8lPwU7318F8aut82wS2h47LghfjIQ__p-8Pku0c--8PEQRgeiMorlT62wwoKGiPHvr1cjjjIEaUbZUTDS959Vzd16VOPfwv4SyE9ecZtTKZAUN42gRSlVmvxzxHkYUsaRqiPKqbMOILiA6S4IOzue4PD1NvxP-Y_fZHX3u9025HVJ-E_307q4v_hzezuc-g3_x3_6iyN7xji7e5dkL8QeecFC8zycI6szcWA3Rs7WH6cXJwR372M56c4kpDab--5JJbim094Q3CY8gj8XTsOFI-j25N5O-HQ8P2BeHu-2-vQSnzyUZyjaVYrsPG6atR70v2bm6_D5v-O9vKCDS6sM5AoaWmWWq2hogzRQZDSYKd-0DMOOlmE-a2IVRVcrHnuBbFQeTmgUMVVXUmeZqivzUB-mQabXRHmiShOqlaZMVZlekVPE0mAhHmuUwXNUZZo8MtLQqlIE9d-yoYxymSyL-kEb54SHtHEfWQsrdZwEeZpwyUQxJRdHhTll806fJndpPd-cYyUn1nnfFToa2pzpbeS3kWfD8D8qUJIXiuVPLv1DpFT5lV_L7dxijbDPOS-XIUxlekWaIOyhOsqyRB8NEYIMfmCk8aC2wom75fYH9yeTZ28lnGt1l3RP2zOlijLv81eeJdIeUhcAIIX6LLnqrzrIPHq8Dv9eRdo2vIvfMuYPIU64CUG1VBmXmJM70C1hE29JWh6S7QpTPsC6sC5nf8MJOQWB-yYgGzK0lCbiYPDUk-3ur3S03nG4MkgVFqxkeGznlrYBzT45ZvdGJkseyzsjI-MCsuXtYBCzPT_P8x___m2u1yFfgKG8wspVFVZBpdfpFha-osAu3D-7WbSeePIWSmVxGJQmsUE_FWpliiBjw-M7LAkiihueKEjVn7VtfLUo6XT7rwcUsky_sGGQB9JQL5NqFGmo7NRxJM-_GAffZR8g93nY1XmQUcURxS_vs0cWJrHp7XW31iO45UwIv1TrVXmQmxT0EWi9zJq7PAvy7sBV5prPS9HRFsryhMX4DPeZRUu9sh3vVFMsBHP2mlpnZmjmJHoolcvzxToZjfV5SRHYLZttXMybWLuGtiP3MXONiQ2bXI7ddsOGbryvr9j31jxY3iTXvm9l_3qzyQymE3l-rvgiv9HepSSJvtWXiXfhbOQ78f-kGRiznHko3FgVsnNRicAYuwd8C2ru0Qfi5EshSsvSuo6RnpZBZt-fvZbIH1e2lhivHF4gXojrb0ls2MJRnFszm2M0FppTp6PTosRYb8ahMtUgTFFJe3ImcMy1Kfo4qEy2nAeoy043tuUrso2zmuc9vjt_T4RRPOf3Ru-c0vkE14flPOESj-v_BCrPTb8upYRVU9UG4LkgbBzgl-hgW2iDbpPL7ez96xqc2d8JHzOC9xv_3ocph1QfssYJpdrjLLX4FylgD33Cvl_-iPP_X3q-bAvgGBrkFlvsWvbxNoaeZxcX82-E0VhfIEeOAkN9of7QIKB4RlH8waCcApW0A0QiNEzlKEzav5nrFkDsxEh-LL52n6PWN21xZzPxmNO5nILJmOJz3f5S0hlAgZNf1jXiOoYz3yBJ1VEcxtQBR9Gux67T0XpwY5bWymOBtvv5J-8s-_MVQI_WI2pLF9y26itga3neqH0o2SthT3wvrlbl42O44l5C8j7J5TkRXtHxeAa01VTItMjoMNZV311UUS5HFc3F3rfDVJ-hQcMcMwnD31zakprv4RlqGrrcMDXfX3so5EmTf9e3DhHndSfU2vMKId72iN_HyHoRv2G_tuhhc95t-lrJ0Lc_nPxyDB1D59IjOhMm7JaE8I6LaA3eRL3Gwruhica3rPvja6-o0FpKf5WS3dwa2K5CV5G-pdpHW51Dp0OKoXQUpmGQyXNU0jvmhl_M9Q-6WxuYaz_ol7lKO-qXmss5-GdfmrTHP999Czx_iXHikwvJnt-kPJGHa22jNZeQr_1lsyP-hjCC1nvWBHRRzj9u_s7391XV7pIUj6mNh-OYtCDrApcJiQuS_PXMZLlLOwTmrwu_XZr-wqFeCvdxhF0SzdTbxeyHBat7AKk2ef5vA_Y4Lm3hHg9NBTZa5BgxxYL3d-4_xhFEmWwy0HN4eSQNOxiPwx1wmTpGkD1WV-OrZK2YDYm2WohZm1ybXZcTfY-daXWKrXCtFdvpa_4X7kzURm2oidZGrSSo9HyBFzXk0ktYJstzCT-qQdeiK77AFK21GDh0KJGDt_ZAKGsPUIROw1zqAfTeK9ypar7XGisHJakYhyac6pV0H1wdytMk20P4XEOjYV8bOFy8i8PE68yXT2MbIvnwaAVFg2xjq5O8PgGNE10JljekulxbsC3cIIbdYm5xm8MKWkV9X35MfLCVm9TCRrxWd9InyxMYTXUMPR0KjHWMJsql8LIIdThGwNtyM3OuEUb0y5lsOqQXxPl_yk9x19Jr6fvZoTZvV7TvHa-1dizqFN9JXbabDLVv-Nuo2F_GiWrmlBzLDaDWaXIQpR-aYFsF_4VhTi6rPr6wlLdF6t0huYQoLFS0dARmooriVPXpClqzrBB2K4IxZ-xfjbDXoOPZkLWCJ5hW803QZR23RuQJ7l40FfrQg4MCQ3kplgWpPIWXq1OQUIf_xFrJH3PNZdF_Bcp0YJnLQ4C0nD4pyHo46dIvOeo2gOrN4knwJ5PMcWcZhlUDJ5fEMJZj4SIRL9zZXQgvsLmmg8VtMNmauR7VixEdV4K51aaPPE3NbaJtVoFy0Bl4hEv3IMiKrG4KXrPZj7ZwacHzLAjHr-ibkAhW4Kmy21Ce81bcraDiMSrUvVe34JY8VvcNMtBUctEhRUGPHDw6Lrqh40Jo1Tvm-gVYc7RlfwxEdlOiHTXYrj60vUi-zVSy4F3AXwfId9BXeTcCo2V-RpRJKlvxS2rycL-DoTaLbnPWcRyaDKWmWYJ7Qq6s0i60ehi-o-aNv5sjGFPKIIWIj5c__sR2msjUpk8wJhkJl-dRXAnudngMXNKhQ6twqu45yn1dln-gWJX2lNqiNmqq4YdV7amfUa11Wp_OJXrY2rv0Sk6V6ROpXJNFYVdLo2hVIa28tzXvELOLoXAHsq1VdbVFc1NqITj12l0EO0Kr4uBoRo_TAQwMPd1czX2yyetp9zaI0z-WP6XU5tzac6cuaF7Um-IQlrT36Kr6Hl3R36Mzmv7rlKmKKmtadpVuu-Rl3pOpLEe0MQU5zC75P-fLxuXNyulP9lSwck2mwPo2oZ4zchW0rLkx00iDIE6w_h5aQ-4UlveVFcMdfUs5YrMib0tuaRZa26vte7VLnlqrKsc03-lbKdKiD_YZKA0yea_weh1KIxsvbfSgWLNBasSyGhOb_1p6I5Y1lVgdj8zIUk2INTutESLqOaxZ6IwsNGhYswLHiHk1mlHWgch0R5n6axjIl0MgPtlsQdq3jTOzml-OXgsAWjHSrmjCtLKynQWaQgZwrkNHRDKT4WQ9wSZgZHNmgyuBbbzU0jCI5foD47oVD2PDyjkAziCYtczpAawhfcO5jQ8KtyMG3IajJ8IpTjaaf3-uRazGu0NQdjoHdiDqOA64wcUeWXPwwdOEOmYvgzEdA27Qqj9Jq9IgNPGxm1ivfA9MYyPNoQGT1xLtb_dsgbpgbGf5XRAtvVbbmQCxmive57pblYUp1RIJTIUilco7qMrswOSlOMpAzeQyxWdJ0LMkLAFrDWU74pgy-9eNEyhxpEIcZWHINh5iCzTYWKAO9NlzgQ8kVwD-&uniformat=true&callback=Ya%5B3946890288446%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fff31270d9ebd243b8bdff7aabdbba9519eabf8c8eaf878d58bef2444a634490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1669235159103475-9772329020906552961-sas2-0288-sas-l7-balancer-8080-BAL-5519
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2 200 cdc0ed28908026a03708.js Show response
yastatic.net/partner-code-bundles/684733/ 478 KB
97 KB 248ms
198ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/684733/cdc0ed28908026a03708.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b9c60d04c36692faad09225bd6cba72fea821c051867c63fb0b6af46e1bd4107

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 98867
last-modified: Tue, 22 Nov 2022 14:45:07 GMT
server: nginx/1.17.9
etag: "e77a074d76666fdd145edff185453788"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 03:01:53 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/86337058/
Redirect Chain

https://mc.yandex.com/watch/86337058?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/86337058/1?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3A...

428 B
624 B

63ms
63ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86337058/1?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1478740743171%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202558%3Aet%3A1669235159%3Ac%3A1%3Arn%3A624348880%3Arqn%3A1%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A484%2C155%2C337%2C3%2C0%2C0%2C%2C253%2C13%2C%2C%2C%2C1233%3Acpf%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235159%3At%3A%D0%A1%D0%B5%D1%82%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d1e5caaa74d4e1041d0699febaa811725558dd3c35b9e9d5df9b8ceefb26b17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 23-Nov-2022 20:25:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:25:59 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:25:59 GMT
location: /watch/86337058/1?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1478740743171%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202558%3Aet%3A1669235159%3Ac%3A1%3Arn%3A624348880%3Arqn%3A1%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A484%2C155%2C337%2C3%2C0%2C0%2C%2C253%2C13%2C%2C%2C%2C1233%3Acpf%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235159%3At%3A%D0%A1%D0%B5%D1%82%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:25:59 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/86337058/ 43 B
73 B 70ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86337058/1?page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&hittoken=1669235159_620f146fbebcc43f35df1bbfa93d0037cdafd33e406076879254933e0aa03177&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A1%3Als%3A1478740743171%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202559%3Aet%3A1669235159%3Ac%3A1%3Arn%3A585199030%3Arqn%3A2%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235159&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(17300)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:25:59 GMT
content-type: image/gif
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:25:59 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 241ms
81ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bauinvest.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bauinvest.su
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 23 Nov 2022 20:25:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
393 B 288ms
124ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2 200 1615716 Show response
mc.yandex.com/watch/ 256 B
291 B 65ms
65ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1615716?wmode=7&page-url=https%3A%2F%2Fbauinvest.su%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A1%3Als%3A120940239661%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202559%3Aet%3A1669235159%3Ac%3A1%3Arn%3A713295296%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235159%3At%3A%D0%A1%D0%B5%D1%82%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr(14)mc(p-1)clc(0-0-0)lt(17300)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ae508cdc4d426bf343ccbe1cacdf2a1ee552faeb9f3400c9a5bfd052a98f59b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 23-Nov-2022 20:25:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:25:59 GMT

GET
H2 200 orig
avatars.mds.yandex.net/get-vh/5475496/2a0000017f1adfa388c75c507bd208c58688/ 77 KB
77 KB 294ms
152ms Image
image/jpeg 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-vh/5475496/2a0000017f1adfa388c75c507bd208c58688/orig
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 9047c638b761185e700c2a98f9b39bb527417d847e29073f8e68fc02146ad2d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
last-modified: Mon, 21 Feb 2022 06:02:19 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/jpeg
cache-control: max-age=86400,immutable
timing-allow-origin: *
content-length: 78446
x-request-id: faff8e8e94b61d13

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5235281/llvbtX3D0Phu3TCbWYSFkw/ 20 KB
20 KB 275ms
152ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5235281/llvbtX3D0Phu3TCbWYSFkw/wy300
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f4f86f352861b0f7801ffda95f6a0eeb6e93bedb42d92d41922e5235705a0ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
last-modified: Thu, 06 Oct 2022 09:32:34 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 20466
x-request-id: 7e9f15891154ba0

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 261ms
146ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: a358fdca397696b9
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Nov 2022 08:25:22 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
540 B 236ms
84ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1669235159668752-11618358873948325177-sas3-0918-918-sas-l7-balancer-8080-BAL-4094
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}

GET
H2 200 848feb6dbfc2354c727c.js Show response
yastatic.net/partner-code-bundles/684733/ 14 KB
6 KB 52ms
51ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/684733/848feb6dbfc2354c727c.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2993be5722eab3cf074bb6a827d3f898b26cc133feddb38f1d5d98114ad3f1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 5106
last-modified: Tue, 22 Nov 2022 14:45:07 GMT
server: nginx/1.17.9
etag: "e9eac8514ed6df0357b66ed9fe503ae3"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 02:58:57 GMT

GET
H2 200 2146f00900f09bf4180d.js Show response
yastatic.net/partner-code-bundles/684733/ 10 KB
4 KB 54ms
53ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/684733/2146f00900f09bf4180d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1ed46beb4837b8ea9adb79bb1396a83f3fc88f5e904a4e781825c91284da2de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3171
last-modified: Tue, 22 Nov 2022 14:45:07 GMT
server: nginx/1.17.9
etag: "b2d91d8521522b437ea489c223e23fb8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 02:58:49 GMT

GET
H2 200 355a311a6a24db436ce3.js Show response
yastatic.net/partner-code-bundles/684733/ 24 KB
7 KB 54ms
54ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/684733/355a311a6a24db436ce3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

85d5f7d7ec9a5967dd34903106e364774ab147a7dae3e590b8edc82ce0dd3e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6733
last-modified: Tue, 22 Nov 2022 14:45:07 GMT
server: nginx/1.17.9
etag: "47ab13e5fb33a9c3e894c51b8472b1c9"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 03:00:33 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 069F 24 KB
7 KB 139ms
66ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Wed, 23 Nov 2022 20:25:59 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 23 Nov 2052 02:58:39 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b0f7cf1d6255532e292f05baf86f489e7976487063307745c6adc7d02b3fa63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52293
x-xss-protection: 0
server: cafe
etag: 16618215829752218167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H3 200 css2
fonts.googleapis.com/ 606 B
388 B 65ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-1640993118923883&c=18&e=44777815&h=bauinvest.su&ld=ru&lx=ru&m=120&n=0&o=a&p=696&t=0&w=468&x=12&sap=0&tap=1&bap=1&nsr=0&im=0&mo=0&hesa=1

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1615716/ 43 B
73 B 78ms
77ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1615716/1?page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&cnt-class=1&hittoken=1669235159_2af9e516adedaa98051b9c8e3b998f3e9e6df0758e3adcef143a68ca47c43b31&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afp%3A1216%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A1%3Als%3A120940239661%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202559%3Aet%3A1669235160%3Ac%3A1%3Arn%3A511497730%3Arqn%3A1%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A484%2C155%2C337%2C3%2C0%2C0%2C%2C253%2C13%2C%2C%2C%2C1233%3Acpf%3A1%3Aeu%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235160&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(24600)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:25:59 GMT
content-type: image/gif
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:25:59 GMT

GET
H2 200 1615716 Show response
mc.yandex.com/watch/ 43 B
73 B 79ms
77ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1615716?page-url=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&cnt-class=1&hittoken=1669235159_2af9e516adedaa98051b9c8e3b998f3e9e6df0758e3adcef143a68ca47c43b31&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfefmzcw94fsyu18inugs%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A1%3Als%3A120940239661%3Ahid%3A901723695%3Az%3A0%3Ai%3A20221123202559%3Aet%3A1669235160%3Ac%3A1%3Arn%3A1016052762%3Arqn%3A2%3Au%3A1669235159782487804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1669235157349%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669235160%3At%3A%D0%A1%D0%B5%D1%82%D0%B5%D0%B2%D0%BE%D0%B5%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(24600)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:25:59 GMT
content-type: image/gif
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:25:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 70ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bauinvest.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 66ms
27ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bauinvest.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75C6 26 KB
12 KB 604ms
566ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a769cb78fa2e1290f2c89a5a5da6757ccbb991d545fcd2b08e00c71e5e630bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11787
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:00 GMT
expires: Wed, 23 Nov 2022 20:26:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1Sg6iCAV0Tm100000000U9nJl5vQly_opKnrmpyiZT5_bXrEiBpUM9VC00IUC97GLq9Yth4fooKOKXc1ufb_M9PwWyHBcO2ysXGWqSe88Zj1ia30n32JiOiRmbx8U0B2O5Z9w0DbxMMy5S33S1JCFyl832IlCeAqtcLaa65W-Ciu2sZkN2QGo5AcKq3fjKo_G2gP_... Show response
yandex.ru/an/rtbcount/ 43 B
334 B 88ms
79ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Sg6iCAV0Tm100000000U9nJl5vQly_opKnrmpyiZT5_bXrEiBpUM9VC00IUC97GLq9Yth4fooKOKXc1ufb_M9PwWyHBcO2ysXGWqSe88Zj1ia30n32JiOiRmbx8U0B2O5Z9w0DbxMMy5S33S1JCFyl832IlCeAqtcLaa65W-Ciu2sZkN2QGo5AcKq3fjKo_G2gP_WF1AoQ19S-CVlvXOMIGchX5GlCTAyDV9XQG4vXPWMGlioAGdCeCqZoN6UI-bK1I0MGhoqRcd_gNj2JJefbECbzph5YGohF2xofOvLqm-PFPmOaVxC0LB5tY6rWOTx2m7c1XlC3ov-tMqrqJfqmLlya2yS07-uSi3TfJtYQQtx1_omBonW9MtfEiUxYumD8NM1iQcbXkibxpPPfmVgKu-rTMaCixs1fOPh1TEHoyWEt9yyxk7L_MFiXRoGOpvW2RnmasvaTil05vBbQPnQNcfVbLAUOlsM0M_eIp9hB7c_tCi79zPp-BdStCmiJSs7W3EzCETfuJxE8Fs1yUk7goyyMxYLa_s7a0nVQIm000

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:25:59 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 124ms
122ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:25:59 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 87ms
79ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bauinvest.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bauinvest.su
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 23 Nov 2022 20:25:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 loader.bundle.js Show response
yastatic.net/vas-bundles/684465/bundles-es2017/ 637 KB
162 KB 60ms
60ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/684733/848feb6dbfc2354c727c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d2efd205901a97f2a22338f1053f1d28262df2e93547eb659f659615db658066

Security Headers

Name	Value
Strict-Transport-Security	max-age=946708560; includeSubDomains;

Request headers

Referer: https://bauinvest.su/
Origin: https://bauinvest.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: br
strict-transport-security: max-age=946708560; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 165052
last-modified: Tue, 22 Nov 2022 10:11:15 GMT
server: nginx/1.17.9
etag: "8036f1d54aafbae6797eb47b8018a516"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 23 Nov 2052 03:01:41 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 85ms
52ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640993118923883&plah=bauinvest.su
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 0396 10 KB
4 KB 20ms
18ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Wed, 07 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame D2A7 10 KB
4 KB 18ms
16ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Wed, 07 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 069F 95 B
400 B 796ms
72ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 20:26:00 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Thu, 24 Nov 2022 20:26:00 GMT

GET
H2

200

aef69e38d084d8333f3302
an.yandex.ru/mapuid/arcspireis/ Frame 069F
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/aef69e38d084d8333f3302

43 B
364 B

70ms
70ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/aef69e38d084d8333f3302

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/aef69e38d084d8333f3302
date: Wed, 23 Nov 2022 20:26:00 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

1503420AD8817E637A02502B02D1F51E
an.yandex.ru/mapuid/sapeis/ Frame 069F
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=2103420AD8817E631E00EB9C02C72F20&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/1503420AD8817E637A02502B02D1F51E

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1503420AD8817E637A02502B02D1F51E

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

date: Wed, 23 Nov 2022 20:26:01 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/1503420AD8817E637A02502B02D1F51E
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

84f1281a-75fb-5247-bfbe-2050dcc0a188
an.yandex.ru/mapuid/betweendigitalis/ Frame 069F
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/84f1281a-75fb-5247-bfbe-2050dcc0a188

43 B
80 B

132ms
76ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/84f1281a-75fb-5247-bfbe-2050dcc0a188

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/84f1281a-75fb-5247-bfbe-2050dcc0a188
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://yandex.ru/an/mapuid/adobedmp/?redir-setuniq=1
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=967BB5C4515C8275
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=967BB5C4515C8275

42 B
942 B

53ms
44ms

Image
image/gif

3.248.125.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=967BB5C4515C8275

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

HTTP/1.1

Server

3.248.125.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-125-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IB4xLDSjRug=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-06d6ad95b.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: tj7UCaayRrE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=967BB5C4515C8275
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://yandex.ru/an/mapuid/azerionis/?redir-setuniq=1
https://match.360yield.com/match?external_user_id=2DD64DB2D56E836D&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=2DD64DB2D56E836D&publisher_dsp_id=429&publisher_call_type=redirect

43 B
420 B

44ms
41ms

Image
image/gif

54.77.23.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=2DD64DB2D56E836D&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 54.77.23.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-23-81.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Nov 2022 20:26:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=2DD64DB2D56E836D&publisher_dsp_id=429&publisher_call_type=redirect
date: Wed, 23 Nov 2022 20:26:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
yandex.ru/an/mapuid/behaviorx/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/behaviorx/
https://yandex.ru/an/mapuid/behaviorx/?redir-setuniq=1

0
0

85ms
84ms

Image
text/html

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/?redir-setuniq=1
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://yandex.ru/an/mapuid/behaviorx/?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://yandex.ru/an/mapuid/betweenx/?redir-setuniq=1
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=12B5A25190853CBF
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=12B5A25190853CBF&crf=1

68 B
607 B

40ms
25ms

Image
image/png

188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=12B5A25190853CBF&crf=1
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 188.42.34.64 Odesa, Ukraine, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=12B5A25190853CBF&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://yandex.ru/an/mapuid/blueseaxcom/?redir-setuniq=1
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D10E2666956141AF

0
241 B

591ms
109ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D10E2666956141AF
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Connection: close
Date: Wed, 23 Nov 2022 20:26:00 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D10E2666956141AF
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

/
yandex.ru/an/mapuid/eplanningrtb/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/eplanningrtb/
https://yandex.ru/an/mapuid/eplanningrtb/?redir-setuniq=1

0
0

82ms
81ms

Image
text/html

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/?redir-setuniq=1
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://yandex.ru/an/mapuid/eplanningrtb/?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

551ms
41ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

551ms
41ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://yandex.ru/an/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
502 B

539ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=B843A6E6A701B0F5&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://yandex.ru/an/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=EB22DC65802AC64A

35 B
467 B

523ms
24ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=EB22DC65802AC64A
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=EB22DC65802AC64A
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

/
yandex.ru/an/mapuid/xapadsssp/ Frame 069F
Redirect Chain

https://yandex.ru/an/mapuid/xapadsssp/
https://yandex.ru/an/mapuid/xapadsssp/?redir-setuniq=1

0
0

75ms
74ms

Image
text/html

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/xapadsssp/?redir-setuniq=1
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:25:59 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://yandex.ru/an/mapuid/xapadsssp/?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2

200

2f8391bf1be737c2de3e962a3ff426385790b2bda17ef3c08e74ae0724dd4290
an.yandex.ru/mapuid/mediascope/ Frame 069F
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/2f8391bf1be737c2de3e962a3ff426385790b2bda17ef3c08e74ae0724dd4290

43 B
80 B

140ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/2f8391bf1be737c2de3e962a3ff426385790b2bda17ef3c08e74ae0724dd4290

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/2f8391bf1be737c2de3e962a3ff426385790b2bda17ef3c08e74ae0724dd4290
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame 069F 0
237 B 772ms
57ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 108
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 069F 0
238 B 771ms
56ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 111
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

yIN-Re4IxLCSOAx7qfno
an.yandex.ru/mapuid/dmpamberdata/ Frame 069F
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1669235159
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1669235160627&i=1669235159
https://an.yandex.ru/mapuid/dmpamberdata/yIN-Re4IxLCSOAx7qfno

43 B
80 B

110ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/yIN-Re4IxLCSOAx7qfno

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

Date: Wed, 23 Nov 2022 20:26:00 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 10
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/yIN-Re4IxLCSOAx7qfno
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame 069F
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/7c799ef9-8545-4cef-9009-82b00afaae0c
https://match.360yield.com/match?external_user_id=7c799ef9-8545-4cef-9009-82b00afaae0c&publisher_dsp_id=429&publisher_call_type=redirect

43 B
443 B

54ms
50ms

Image
image/gif

54.77.23.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=7c799ef9-8545-4cef-9009-82b00afaae0c&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 54.77.23.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-23-81.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Nov 2022 20:26:00 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=7c799ef9-8545-4cef-9009-82b00afaae0c&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

a5ec598d-6d02-46b0-75f0-1544f997e40c
an.yandex.ru/mapuid/buzzooladspis/ Frame 069F
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/a5ec598d-6d02-46b0-75f0-1544f997e40c

43 B
82 B

71ms
69ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/a5ec598d-6d02-46b0-75f0-1544f997e40c

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/a5ec598d-6d02-46b0-75f0-1544f997e40c
date: Wed, 23 Nov 2022 20:26:00 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

Y36B19CoHlw
an.yandex.ru/mapuid/soltadspis/ Frame 069F
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://an.yandex.ru/mapuid/soltadspis/Y36B19CoHlw

43 B
80 B

135ms
97ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/soltadspis/Y36B19CoHlw

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

Date: Wed, 23 Nov 2022 20:26:00 GMT
referrer-policy: no-referrer
Server: nginx
location: https://an.yandex.ru/mapuid/soltadspis/Y36B19CoHlw
cache-control: no-store
Connection: keep-alive
server-timing: app;srv=3;dur=0.0001
Keep-Alive: timeout=40
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 069F 0
0

GET
H2

200

cfad6c21-45f1-4657-8afe-73a60a7a2cda
an.yandex.ru/mapuid/hyperdspis/ Frame 069F
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/cfad6c21-45f1-4657-8afe-73a60a7a2cda

43 B
80 B

71ms
70ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/cfad6c21-45f1-4657-8afe-73a60a7a2cda

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/cfad6c21-45f1-4657-8afe-73a60a7a2cda
Date: Wed, 23 Nov 2022 20:26:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 069F
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

101ms
79ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:00 GMT

Redirect headers

date: Wed, 23 Nov 2022 20:26:00 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 1bal2
content-length: 0

GET
H2

200

uMm4hHRqR8T6.AikABlGEpis4FA
an.yandex.ru/mapuid/getintentis/ Frame 069F
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/uMm4hHRqR8T6.AikABlGEpis4FA

43 B
80 B

77ms
77ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/uMm4hHRqR8T6.AikABlGEpis4FA

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/uMm4hHRqR8T6.AikABlGEpis4FA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i.
an.yandex.ru/mapuid/dmpweborama/NkMoCIeHTK.rqNyxwza/ Frame 069F
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=3037127699
https://an.yandex.ru/mapuid/dmpweborama/NkMoCIeHTK.rqNyxwza/i.

43 B
152 B

79ms
71ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/NkMoCIeHTK.rqNyxwza/i.

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
via: 1.1 google
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/NkMoCIeHTK.rqNyxwza/i.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame 069F 68 B
836 B 130ms
73ms Image
image/png 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAuufRvtaAFRpoQIS9QCpSx9UKYnXqdhMJ2AiGBgIiGBA%2BL1XeVq5Wxp0DOLVn6UvGj35TmjNGMGIK4Z4jBz8i%2BBvymf5ktfPgbH9OjfkWvuvUf26F865ChBIER0Ao9fhVGoRDK5S3vTwc6MUVi93ljVqsXN"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 76eca32b59fb909c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

rgwdTNX5w3C5nxbPm3HQ
an.yandex.ru/mapuid/kadamis/ Frame 069F
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/rgwdTNX5w3C5nxbPm3HQ

43 B
80 B

87ms
79ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/rgwdTNX5w3C5nxbPm3HQ

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/rgwdTNX5w3C5nxbPm3HQ
date: Wed, 23 Nov 2022 20:26:01 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

99ba541c-8ec3-462d-a53b-d2cfb29d9ef4
an.yandex.ru/mapuid/mtsdspis/ Frame 069F
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=99ba541c-8ec3-462d-a53b-d2cfb29d9ef4&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F99ba541c-8ec3-462d-a53b-d2cfb29d9ef4
https://an.yandex.ru/mapuid/mtsdspis/99ba541c-8ec3-462d-a53b-d2cfb29d9ef4

43 B
80 B

76ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/99ba541c-8ec3-462d-a53b-d2cfb29d9ef4

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

Date: Wed, 23 Nov 2022 20:26:01 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/99ba541c-8ec3-462d-a53b-d2cfb29d9ef4
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

ct_sync.php
sync.magnitent.com/fbfli/ Frame 069F
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=6d74b238c1c44ae6ab9b2e793a37a78c
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=CAB2A17849AEC067&sid=6d74b238c1c44ae6ab9b2e793a37a78c
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=6d74b238c1c44ae6ab9b2e793a37a78c&spid=CAB2A17849AEC067&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=7e33f2b5473f4fbda78c0e5efecbf973&sonar=6d74b238c1c44ae6ab9b2e793a37a78c&spid=CAB2A17849AEC067&v=

0
675 B

189ms
57ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.magnitent.com/fbfli/ct_sync.php?ct=7e33f2b5473f4fbda78c0e5efecbf973&sonar=6d74b238c1c44ae6ab9b2e793a37a78c&spid=CAB2A17849AEC067&v=
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *, *
date: Wed, 23 Nov 2022 20:26:01 GMT
mode: no-cors, no-cors
cache-control: no-cache, no-cache
content-encoding: gzip
server: nginx/1.20.1
content-type: text/html; charset=UTF-8

Redirect headers

location: https://sync.magnitent.com/fbfli/ct_sync.php?ct=7e33f2b5473f4fbda78c0e5efecbf973&sonar=6d74b238c1c44ae6ab9b2e793a37a78c&spid=CAB2A17849AEC067&v=
access-control-allow-origin: *
date: Wed, 23 Nov 2022 20:26:01 GMT
mode: no-cors
server: nginx/1.20.1
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 069F 42 B
201 B 529ms
72ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 20:26:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 069F 42 B
201 B 511ms
77ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 20:26:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

0bedbb11-6b6d-11ed-8677-901b0e934d81
an.yandex.ru/mapuid/dmpcleverdata/ Frame 069F
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/0bedbb11-6b6d-11ed-8677-901b0e934d81?sign=1810341407

43 B
80 B

79ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/0bedbb11-6b6d-11ed-8677-901b0e934d81?sign=1810341407

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/0bedbb11-6b6d-11ed-8677-901b0e934d81?sign=1810341407
date: Wed, 23 Nov 2022 20:26:01 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 069F 43 B
390 B 242ms
16ms Image
image/gif 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 23 Nov 2022 20:26:01 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame 069F 0
69 B 241ms
31ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Nov 2022 20:26:01 GMT
server: nginx/1.17.0

GET
H2

200

04818ac9-cc1b-4a88-891f-d600095315a6
an.yandex.ru/mapuid/upravelis/ Frame 069F
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/04818ac9-cc1b-4a88-891f-d600095315a6

43 B
80 B

83ms
82ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/04818ac9-cc1b-4a88-891f-d600095315a6

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

date: Wed, 23 Nov 2022 20:26:01 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/04818ac9-cc1b-4a88-891f-d600095315a6
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

eU8nD65HpcLclmSIY7%2FYKQ
an.yandex.ru/mapuid/dmpaidatame/ Frame 069F
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/eU8nD65HpcLclmSIY7%2FYKQ?sign=1203148899

43 B
80 B

79ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/eU8nD65HpcLclmSIY7%2FYKQ?sign=1203148899

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
last-modified: Wed, 23 Nov 2022 20:26:00 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/eU8nD65HpcLclmSIY7%2FYKQ?sign=1203148899
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2

200

lfvOCNNEjqXl
an.yandex.ru/mapuid/dmpsegmento/ Frame 069F
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/lfvOCNNEjqXl?sign=3760732566

43 B
80 B

77ms
69ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/lfvOCNNEjqXl?sign=3760732566

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/lfvOCNNEjqXl?sign=3760732566
Date: Wed, 23 Nov 2022 20:26:01 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

qO8xrrCuPtbW
an.yandex.ru/mapuid/rutargetis/ Frame 069F
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/qO8xrrCuPtbW

43 B
80 B

76ms
76ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/qO8xrrCuPtbW

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/qO8xrrCuPtbW
Date: Wed, 23 Nov 2022 20:26:01 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3 200 css2
fonts.googleapis.com/ Frame 0396 4 KB
636 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 20:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 19:58:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0396 205 B
517 B 689ms
21ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:12:19 GMT
x-content-type-options: nosniff
age: 821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Nov 2023 20:12:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0396 604 B
695 B 690ms
22ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:52:59 GMT
x-content-type-options: nosniff
age: 1981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Nov 2023 19:52:59 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 0396 19 KB
8 KB 745ms
55ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/ Frame FDCF 34 KB
6 KB 78ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf91862ab9b02bebe5ffba10e1e3a2235823aa9375328589c8b1ea72a7ad3f0c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 551870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5112
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 11:08:10 GMT
expires: Fri, 17 Nov 2023 11:08:10 GMT
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D2A7 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch99K1oF-Y-q0OJST78EPqqGZgAjLxe7DbcXEy_rjENHivY2JNxABIMX_gw5gleKQgqAHoAG-48exKMgBCakCBLh6Jv0NqT6oAwHIA8iAgAKqBM0BT9DxqBM3oKOqlNpBrlXN83M5PzgHtAKq0t0C6sU0SF56Eo5iomxZWFco6QJkMtM2Qfrah9V9F98pI5AMDv0rcyL_L_ykrPrDbAHiYCzLlA3JCtH0kmY8PS2U2psmqdKPC1Es6faEmt2Q38j9MpS2IPO1bM7j3luvVzZVjvTn4gvgF-EjqScKZ4aA5CEovTzx7CmIEQvd2U_tAxh0jKnK3FKwoqOe_NwjVMKW4ul12UGKmBOnj6RGKC0u93_Iy64XhIJKurpT2qdGvDsoJsAEiLmJy5gEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB76bmJEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ88Ya0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItMTY0MDk5MzExODkyMzg4MxgA&sigh=OtJGOfeRBOA&uach_m=[UACH]&cid=CAQSGwDq26N9TXmtc-JEO6a624r-hztDeQXvQYP4yBgBIBM&template_id=419

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 20:25:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 20:25:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D2A7 23 KB
10 KB 679ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3FEF 8 KB
895 B 39ms
38ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 19:37:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3FEF 2 KB
818 B 591ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 3FEF 23 KB
9 KB 575ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3FEF 3 KB
1 KB 589ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 17:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 17:23:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3FEF 18 KB
7 KB 574ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FEF 154 KB
48 KB 612ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 3FEF 34 KB
14 KB 545ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 11:55:15 GMT

POST
H2 200 log
log.strm.yandex.ru/ 0
207 B 347ms
133ms Ping
text/plain 2a02:6b8::28d
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?VAS=684465&event=PrioritiseMediaFiles
Requested by: Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bauinvest.su
access-control-expose-headers: Date
date: Wed, 23 Nov 2022 20:26:00 GMT
access-control-allow-credentials: true
timing-allow-origin: https://bauinvest.su
content-length: 0
x-request-id: 1669235160587633-11860388851725976085

GET
H2

206

VP8_640_360_900.webm
ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/
Redirect Chain

https://strm.yandex.ru/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/VP8_640_360_900.webm?vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1...
https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/VP8_640_360_900.webm?vsid=271750227d71ae598a00461454a8bad721374a6...

749 KB
751 KB

242ms
85ms

Media
video/webm

2001:41a8:104:3::8
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to

Full URL: https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/VP8_640_360_900.webm?vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&noredir=1&lid=1529
Requested by: Host: bauinvest.su
URL: https://bauinvest.su/
Protocol: H2
Server: 2001:41a8:104:3::8 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 03ee9456f106cca573ffbe508a3dd03e3875f5c96878c495be8a30d76eaa75ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-server-time-ms: 1669235160821
date: Wed, 23 Nov 2022 20:26:00 GMT
x-amz-version-id: null
x-estimated-bandwidth: 1170360
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
Content-Range: bytes 0-767247/767248
x_h: strm-ams06.strm.yandex.net
x-strm-request-id: b42470ad41c94f22
x-connection-id: 520111479
Content-Length: 767248
x-request-id: b42470ad41c94f22
x-estimated-rtt: 39948
last-modified: Mon, 21 Feb 2022 06:02:28 GMT
server: nginx/1.18.0
etag: "29928053cfc1835f69b4dfb608c03743"
x-strm-log-split: 3
content-type: video/webm
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control: max-age=300
access-control-allow-credentials: true
x-robots-tag: noindex, noarchive, nofollow
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires: Wed, 23 Nov 2022 20:31:00 GMT

Redirect headers

date: Wed, 23 Nov 2022 20:26:00 GMT
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x-strm-request-id: 246cb6d1b3699c22
x_h: strm-anycast-ru-net-production-23.sas.yp-c.yandex.net
content-length: 0
x-request-id: 246cb6d1b3699c22
server: nginx/1.18.0
x-strm-log-split: 0
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location: https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7543580463445237538/60e7aeba-3a323a4f-fc251248-986b0bf8/webm/VP8_640_360_900.webm?vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&noredir=1&lid=1529
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control: no-cache
access-control-allow-credentials: true
x-plg: host=strm-plgo-production-160.sas.yp-c.yandex.net; version=10374952
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 75C6 3 KB
1 KB 62ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 17:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 17:23:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 75C6 18 KB
7 KB 58ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 75C6 0
0 82ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi3EtvdnrzJoN3M8ZHMIhLHcbBSekSfXpHgWo6z8dDFqE6TXmzvMrYdx2wVAKWU4oVuVq_w5L4vNf2YhvxBcpTEEc1kQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75C6 154 KB
47 KB 129ms
104ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 75C6 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-uLo14F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvAFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7pgv2ddxC558V2dyZcwCG-PZ9wIbx1xVwSGOPlnIPwBCE3lQSonxIAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjQwOTkzMTE4OTIzODgzGAA&sigh=SsA_mfGnass&uach_m=[UACH]&cid=CAQSPADq26N9l51Z4RCH40uRhz5bUAYPTP8-sabWCBIBtzKhBYbFiynafu4Lr006jt1VxtRbywUDtHtBQ6EZ9RgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 20:26:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 75C6 0
0 118ms
28ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g0r4rbmhryfg3v4923stzx402qhep5a7rcg2mctf9qerahnar26a61z9p9bxknxzqc3xbz1jghkbneytqz8eptr4dm50cv6zyp33cb68xmavbqehf0pcrc74fvwk59s7thfchx3nk6f6ky5c01q7ce9n2agsdpze531ds5tm9e0ehq8apds1wj5kjpbs3sa3c4f9ya8qj6tjgmx46zh7n69bsfkc1htn7xmeeqrnpvz2mhj1hrvktq7kd1pjm44r1rt6397x0qqyc98d9mzcs6fpc1vq700d7v9qxp9bc4rr33tzpy1zxg8ycegdhns3q35rmtz72ka2sjfceanhm78gha7k4tesmxhehfcj865mhedxk564mhk0qfm2wc1fay4mjz6ym&b=Y36B1wALfY4CO80UAAot-5yFL5p2t7RgXu4Xuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Nov 2022 20:26:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame F248 2 KB
2 KB 138ms
53ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1knzcvr9q1cj5k3374snewwcnwwfkdsp7m2jr8779tkv2azpdet8saq9bqsk22h51c1pzq2yjkz5pr41czcpk2kbmja7fgnz9e17f8696f611x4m28s4tfsf5ve71b7h5smhhb20tw6h5n0ej78pct9ehgcnggkqk3j7gnfctnzvtdf3hc8c9pwqg9yhf40cpwv1ns3gxpx48z51rm5hv1zyc60w4y8g8asghfkt0zfpkjw2zhgn4da2bga4x06tjh2jxkhh8cw3mqzhts9vmg72bmv651xnqm8cf7nwt99naes6n6x5gzsrsj0mavmw265gj61je14c01jwz5sxnn02wd84hxd17ajnbfhhct5nkybsjbcnk98gyr7nk04hf043whaw3hn0hm9m7xrhfnajvtbn1c8kzx3kzbqgp0xbk8sxq59ep&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%26client%3Dca-pub-1640993118923883%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d8c2381e125aad264dbe70c204b1b56c74728dabd91cadc475996aa92932ff3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76eca329fa669066-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:00 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4481 1 KB
643 B 23ms
16ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Thu, 24 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4481 35 B
464 B 193ms
32ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH3wFeWwKoDi0Slw_wU0elg&google_cver=1&google_push=ASkJ3FbbuwrlbTsk99d7Ups87YxYcDX9e2xEA7jiHaJimiuEilhFCdOznp5qMjKEwgYStzXIZiYmXRpf4C2ZsTlQQlmSJukWiCU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4481
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBQFLTNPo5CUiFsjXvUe6ZQ&google_cver=1&google_push=ASkJ3FYbskreplGLoAt46cHFvs7zBp1QtaNI3EZfKJZHy1_dxk7eKazPYl-rZfcRnZopHasvO2MzXofg6xVkzAFtuP9LovsWErQ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYbskreplGLoAt46cHFvs7zBp1QtaNI3EZfKJZHy1_dxk7eKazPYl-rZfcRnZopHasvO2MzXofg6xVkzAFtuP9LovsWErQ&google_hm=Q0FFU0VCUUZMVE5QbzVDVW...

170 B
188 B

91ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYbskreplGLoAt46cHFvs7zBp1QtaNI3EZfKJZHy1_dxk7eKazPYl-rZfcRnZopHasvO2MzXofg6xVkzAFtuP9LovsWErQ&google_hm=Q0FFU0VCUUZMVE5QbzVDVWlGc2pYdlVlNlpR

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 20:25:59 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYbskreplGLoAt46cHFvs7zBp1QtaNI3EZfKJZHy1_dxk7eKazPYl-rZfcRnZopHasvO2MzXofg6xVkzAFtuP9LovsWErQ&google_hm=Q0FFU0VCUUZMVE5QbzVDVWlGc2pYdlVlNlpR
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4481 43 B
356 B 185ms
25ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOuzri6oyJrKBJe6uZLbquQ&google_push=ASkJ3FZ7qkWQBOwz0moaTLKFvRN-nbUvv7uw89bkLHOLidlXWJwXVnVrMsPEm5RT8me9kw6vQtEPU0INkb42b6eSm4cSUzozElM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4481 43 B
351 B 150ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHxVKph_idL0FLOjd7yCcKY&google_cver=1&google_push=ASkJ3FZLpnUA_Gy7CpDE_EmL6I9G3C9t3agB1MHbxr6Fb-mAOTCIvaKZe8vdJZN_bO6Oge2KVB3iCEHOFJuR4FaK12uSe9FA418
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1640993118923883&output=html&h=250&adk=2880665001&adf=2092848409&pi=t.aa~a.4263631882~rp.4&daaos=1669158983640&w=301&fwrn=4&fwrnh=100&lmt=1669235159&rafmt=1&to=qs&pwprc=3623000463&tp=site_kit&format=301x250&url=https%3A%2F%2Fbauinvest.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669235159639&bpp=4&bdt=1305&idt=4&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D88ee598f9fa4863e-22cf5e0bcecf0000%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA&gpic=UID%3D00000b8660432e50%3AT%3D1669235158%3ART%3D1669235158%3AS%3DALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw&prev_fmts=0x0&nras=2&correlator=1477886592169&frm=20&pv=1&ga_vid=97197538.1669235159&ga_sid=1669235159&ga_hid=2062630347&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1079&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44777815&oid=2&pvsid=2209143065621289&tmod=1238773245&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VJKNqlnQvZ&p=https%3A//bauinvest.su&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:25:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: negcl6hbeqsdldu2u2nvkvl7bp6rogou

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4481
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FKLElCiHQ5e0CzvMGdHmVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
25ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FKLElCiHQ5e0CzvMGdHmVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYltC22BCRxUOyDIMlgVhrt7pSY_iDRSaVAQH8Ptnr8tlvU9fMv3XONb34d3FQdBcpT3AmHn35RAs2mFu3S_DeybuKhJLs

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FKLElCiHQ5e0CzvMGdHmVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYltC22BCRxUOyDIMlgVhrt7pSY_iDRSaVAQH8Ptnr8tlvU9fMv3XONb34d3FQdBcpT3AmHn35RAs2mFu3S_DeybuKhJLs
date: Wed, 23 Nov 2022 20:25:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4481
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGCMQbd_Jjv-uXQwkpU6MnQ&google_cver=1&google_push=ASkJ3FbeZKjxK5DeR9b5LaC7YtoMPKCOY8E4n6BBWWmYyK9X5kXVHxE92e12VLTkFfcg0bMjrVx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVM0lMNlAtVS1OOE4=&google_push=ASkJ3FbeZKjxK5DeR9b5LaC7YtoMPKCOY8E4n6BBWWmYyK9X5kXVHxE92e12VLTkFfcg0bMjrVxD5umeot_pTYQRG5-FL8QC8Sc

170 B
188 B

71ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVM0lMNlAtVS1OOE4=&google_push=ASkJ3FbeZKjxK5DeR9b5LaC7YtoMPKCOY8E4n6BBWWmYyK9X5kXVHxE92e12VLTkFfcg0bMjrVxD5umeot_pTYQRG5-FL8QC8Sc

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVM0lMNlAtVS1OOE4=&google_push=ASkJ3FbeZKjxK5DeR9b5LaC7YtoMPKCOY8E4n6BBWWmYyK9X5kXVHxE92e12VLTkFfcg0bMjrVxD5umeot_pTYQRG5-FL8QC8Sc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4481
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_hm=Y36B2ANfGvynJ_UQj1gxsQAABMQAAAIB&google_nid=index&google_push=ASkJ3FbCeuEt-Ed8HcI99hjTg9_XJU-54OHGp...

170 B
188 B

41ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_hm=Y36B2ANfGvynJ_UQj1gxsQAABMQAAAIB&google_nid=index&google_push=ASkJ3FbCeuEt-Ed8HcI99hjTg9_XJU-54OHGpIz8GMNXjN8l1RthbX2YNQTKWryH06AZkhiyg2LIpk2p1q-scmdl8s-aly4BSm0

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkjf1kQWm6HhO%2FZWtHBWlRKLNFURrs6lv6PZxk3WYd6rEWVHj65T1n68SGWwGrlSQa1cGMxYHzfqArFNWfsZN%2BdFxzpfa7MUijO%2BPBO87%2BxmPYNGG8iSrtYZGLacyLiq1mg%2Byip56ohoaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDXIVuTp1s4Cq-k1t27EPEs&google_hm=Y36B2ANfGvynJ_UQj1gxsQAABMQAAAIB&google_nid=index&google_push=ASkJ3FbCeuEt-Ed8HcI99hjTg9_XJU-54OHGpIz8GMNXjN8l1RthbX2YNQTKWryH06AZkhiyg2LIpk2p1q-scmdl8s-aly4BSm0
cache-control: no-cache
cf-ray: 76eca32b6d07bbc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4481 0
59 B 29ms
26ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_1s-hfwG1Vxy8bH2UwADwDOvX8PQuPmhRSGqlO9bVbmdld20ofhJBaO4JnsPy-SMCYbSK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6637 143 B
166 B 31ms
17ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 19:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE69 143 B
166 B 48ms
41ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 19:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D2A7 3 KB
1 KB 127ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 17:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 17:23:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D2A7 18 KB
7 KB 106ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FDCF 6 KB
3 KB 114ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 24 Nov 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FDCF 34 KB
13 KB 105ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 24 Nov 2022 19:53:06 GMT

GET
H3 200 3cdc7b676e4307767976b64e94f3c4a5.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/ Frame FDCF 102 KB
29 KB 100ms
21ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/3cdc7b676e4307767976b64e94f3c4a5.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce3c6afc4dd5630c50984207ec7ecadb7ccd68ced786ebfc8e34ae84192d986

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 11:08:10 GMT
age: 551870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29749
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:10 GMT

GET
DATA 200
OK truncated
/ Frame 75C6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f021f546bc2d10e64476240d6d87eb94eb3e9e62545969dbc1ceaa1b72b0523d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame F248 89 KB
11 KB 63ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1knzcvr9q1cj5k3374snewwcnwwfkdsp7m2jr8779tkv2azpdet8saq9bqsk22h51c1pzq2yjkz5pr41czcpk2kbmja7fgnz9e17f8696f611x4m28s4tfsf5ve71b7h5smhhb20tw6h5n0ej78pct9ehgcnggkqk3j7gnfctnzvtdf3hc8c9pwqg9yhf40cpwv1ns3gxpx48z51rm5hv1zyc60w4y8g8asghfkt0zfpkjw2zhgn4da2bga4x06tjh2jxkhh8cw3mqzhts9vmg72bmv651xnqm8cf7nwt99naes6n6x5gzsrsj0mavmw265gj61je14c01jwz5sxnn02wd84hxd17ajnbfhhct5nkybsjbcnk98gyr7nk04hf043whaw3hn0hm9m7xrhfnajvtbn1c8kzx3kzbqgp0xbk8sxq59ep&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%26client%3Dca-pub-1640993118923883%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1knzcvr9q1cj5k3374snewwcnwwfkdsp7m2jr8779tkv2azpdet8saq9bqsk22h51c1pzq2yjkz5pr41czcpk2kbmja7fgnz9e17f8696f611x4m28s4tfsf5ve71b7h5smhhb20tw6h5n0ej78pct9ehgcnggkqk3j7gnfctnzvtdf3hc8c9pwqg9yhf40cpwv1ns3gxpx48z51rm5hv1zyc60w4y8g8asghfkt0zfpkjw2zhgn4da2bga4x06tjh2jxkhh8cw3mqzhts9vmg72bmv651xnqm8cf7nwt99naes6n6x5gzsrsj0mavmw265gj61je14c01jwz5sxnn02wd84hxd17ajnbfhhct5nkybsjbcnk98gyr7nk04hf043whaw3hn0hm9m7xrhfnajvtbn1c8kzx3kzbqgp0xbk8sxq59ep&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%26client%3Dca-pub-1640993118923883%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 615618
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76eca32b0f5890ec-FRA
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame F248 35 KB
12 KB 43ms
27ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1knzcvr9q1cj5k3374snewwcnwwfkdsp7m2jr8779tkv2azpdet8saq9bqsk22h51c1pzq2yjkz5pr41czcpk2kbmja7fgnz9e17f8696f611x4m28s4tfsf5ve71b7h5smhhb20tw6h5n0ej78pct9ehgcnggkqk3j7gnfctnzvtdf3hc8c9pwqg9yhf40cpwv1ns3gxpx48z51rm5hv1zyc60w4y8g8asghfkt0zfpkjw2zhgn4da2bga4x06tjh2jxkhh8cw3mqzhts9vmg72bmv651xnqm8cf7nwt99naes6n6x5gzsrsj0mavmw265gj61je14c01jwz5sxnn02wd84hxd17ajnbfhhct5nkybsjbcnk98gyr7nk04hf043whaw3hn0hm9m7xrhfnajvtbn1c8kzx3kzbqgp0xbk8sxq59ep&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%26client%3Dca-pub-1640993118923883%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 137264
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60oVtv3jB6zJZtu4U922drlGLWehsrpdsqKiyWmQZ9KxhaveIhyWkqAcaxTsSyUL1dWxcSrSUVDQb9X0%2F0%2FMuFhYt5UceD7G4MYr0vUUf1IxfmMbtKfVuq5Y5%2FWhRGx2xmq6Wx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76eca32b0c1e9066-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2A7 154 KB
47 KB 123ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
DATA 200
OK truncated
/ Frame D2A7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f012146b4bce97b1fd2b6c58c5af9069ee6853ae409d8e9b9fea0a001e9f70f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6637
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

94ms
92ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:01 GMT
expires: Wed, 23 Nov 2022 20:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 45C0 36 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 16:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 16:14:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE69
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

86ms
76ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:01 GMT
expires: Wed, 23 Nov 2022 20:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame FDCF 5 KB
657 B 50ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/3cdc7b676e4307767976b64e94f3c4a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 20:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 20:09:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 20:26:00 GMT

GET
H3 200 83dc37e0aa1a9e1f34837ce75c9e8fd7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 7 KB
7 KB 41ms
17ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/83dc37e0aa1a9e1f34837ce75c9e8fd7.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468f9f117aa33043232668ac8a3e04ef67567dd43bd28dde9a3e58353c5f42d8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 17 Nov 2022 11:08:11 GMT
x-content-type-options: nosniff
age: 551869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7435
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:11 GMT

GET
H3 200 cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 349 B
286 B 44ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 11:08:11 GMT
age: 551869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:11 GMT

GET
H3 200 725ac573ccb18f0aa0754e24180c8111.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 2 KB
2 KB 43ms
21ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/725ac573ccb18f0aa0754e24180c8111.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62dc503c777db5a88b1222664aff25b15d27b354dad07cc42bf1c9f79b06011e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 17 Nov 2022 11:08:11 GMT
x-content-type-options: nosniff
age: 551869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1758
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:11 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F248 3 KB
4 KB 127ms
39ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26139443
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBsU9aXtt0E9mpokZEh0oZYXJNUBwMpUvAkM3lze%2FTZ3Be2c4cyQJOFtl7OGA5M6hzRYvRI2tFIey45rnyVbGDQhqiFPe%2F%2Fe%2F7S981wje5taoNRFKR%2Bie7ost8rW8CfQdl%2F6WApb2MTw%2F4dcp%2F4AdoFA"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76eca32c5de55bed-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 858F 2 KB
1 KB 51ms
32ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2420447
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76eca32be92590ec-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 20:26:00 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7afVeOxw46%2FlsaKRNpFWZ1fsj58H29WQu28gknFfyzlplTyIpZlpCaArMpWdqjDIblOYZAvziNRxBChi%2FLvGqkngMEjTRaEY%2FYmP7aVG%2BmYC0ePNsLBcfUaU8kmo9vfbgvPkzE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame FDCF 45 KB
45 KB 60ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 512427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 22:05:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FDCF 16 KB
16 KB 61ms
28ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 548781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 11:59:40 GMT

GET
H3 200 2185dce47bd07b77ada4a81889dba2c6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 11 KB
11 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/2185dce47bd07b77ada4a81889dba2c6.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907d7ef409c89a549ed62e9b4fd5af7dce60f6f1acb57d2f8ded07685e85a90

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 17 Nov 2022 11:08:12 GMT
x-content-type-options: nosniff
age: 551869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10787
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:12 GMT

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
188 B 76ms
76ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=11&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=510&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235161246&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
53 B 75ms
74ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=0&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=511&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235161248&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1121531090%3B0%3B40f4d41349f8bf65%3B6972600250896811260%3B0%3B1615716%3B2%3B0&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 65ms
64ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f645fd3780b597eb950ce2c193261d2f1b9560953e6adc075c14c055f60be019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11113
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame F248 1 KB
2 KB 135ms
135ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0195a1e9cb09c7d786bb33423e210b95a19eb98008f219d30e7cefca8e1d397

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di7ulXGr%2FQKB9uIy1D5hGSkGyCAmj1nLD4jbCqXdDZ457v7Sxh0niDClakH5rheN1LVtHGWAVeWJpC0kjW71WeK2nu90H%2BcX8Y2EN%2F8MohYQHIo%2BI9GA5J5BNCexkHVEjdId1o0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76eca32f3eff90fb-FRA
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame FDCF 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 16:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 16:14:43 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 20:26:01 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 183ms
63ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76eca32ede5790fb-FRA
content-length: 24
content-type: text/plain
date: Wed, 23 Nov 2022 20:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htk8zRIFtTko34zAdN4zUgMS9jDG5jJEleCibvfvMZ3m4D%2B4gU8iwOi2zlh1mVCLIHXW6TqUG7yxApx5gs%2Bld1KlsAjxTwmqH5MUgEKt07Fpnz7HOehTKreLkr2ceh2ikKBl1vg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 069F 105 KB
37 KB 80ms
79ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: bauinvest.su
URL: https://bauinvest.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: e743cf98e440db36
timing-allow-origin: *
expires: Sat, 26 Nov 2022 08:25:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E02 13 KB
5 KB 29ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 18:58:20 GMT
expires: Thu, 23 Nov 2023 18:58:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1001 783 B
534 B 48ms
32ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cde82220d2c4166b40c5a02ab7ec58f05ea15e8a3e38601d5e0be60fbe0714ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mzVucdW43ur6nEUKGELwSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-mzVucdW43ur6nEUKGELwSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:01 GMT
expires: Wed, 23 Nov 2022 20:26:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B1DB 9 KB
4 KB 64ms
63ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7858f80025e6681c82ad90c811daafc451bcd6c66c974236d35d5650f9703c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1knzcvr9q1cj5k3374snewwcnwwfkdsp7m2jr8779tkv2azpdet8saq9bqsk22h51c1pzq2yjkz5pr41czcpk2kbmja7fgnz9e17f8696f611x4m28s4tfsf5ve71b7h5smhhb20tw6h5n0ej78pct9ehgcnggkqk3j7gnfctnzvtdf3hc8c9pwqg9yhf40cpwv1ns3gxpx48z51rm5hv1zyc60w4y8g8asghfkt0zfpkjw2zhgn4da2bga4x06tjh2jxkhh8cw3mqzhts9vmg72bmv651xnqm8cf7nwt99naes6n6x5gzsrsj0mavmw265gj61je14c01jwz5sxnn02wd84hxd17ajnbfhhct5nkybsjbcnk98gyr7nk04hf043whaw3hn0hm9m7xrhfnajvtbn1c8kzx3kzbqgp0xbk8sxq59ep&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%26client%3Dca-pub-1640993118923883%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76eca330292e90ec-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 20:26:01 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E02 36 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 16:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 16:14:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1001 0
0 53ms
52ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2209143065621289&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 069F 160 KB
57 KB 135ms
127ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

921d001dcd0930a15a3000a9fa96d5252da111fcbefe7d0b58dafb77e2a6edb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
etag: "637b3777-e1a8"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57768
expires: Wed, 23 Nov 2022 21:26:01 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 069F 403 B
633 B 98ms
91ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fbauinvest.su%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b4ace525533da929faca003eb02308fde400531287444465bbaf9bdea4e90111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame B1DB 89 KB
11 KB 48ms
44ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 615619
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76eca330faca90ec-FRA
expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame B1DB 53 KB
54 KB 78ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2596262
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i53hxyc88Lp4K3%2Fd5huqGG7CnuzgAz6vTURRh4wilXl%2FQGxVyTBN6aYrhxWHYvctDkHiCfuNUXhx0U5RZJa5Qi%2FJAfbxUE1jYFDbXRSCrFt68dEUzQzQhk107bpk7gRYIOUFTSRr3GRWXDHb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76eca3313f769066-FRA
expires: Thu, 24 Nov 2022 20:26:01 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame B1DB 11 KB
11 KB 81ms
49ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 611958
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5A2rXx%2FOLt3osRXUH4TsV3pLYb6VGgoVLlrHQ62GfRA6BM3Ojt%2B88bJBfmINkRMm2XpvjZR9iNZGfJ5twhsnJ3SlvfAwp4f%2FuwDczXNNVoP%2B9dl%2FQK1UPB58F875P%2Bg%2B4%2B7EwKmctrNv8wv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76eca3313f789066-FRA
expires: Thu, 24 Nov 2022 20:26:01 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame B1DB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNeX-saRxfsCFVGK_QcdlnMJjw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...

49 B
1 KB

203ms
34ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 20:26:02 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Wed, 23 Nov 2022 20:26:02 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame B1DB 9 KB
9 KB 81ms
49ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2592458
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLo9er1kmAz3%2B1vZeBWpO%2F0lwZn6Qt%2Bk%2FfLc22y6BVZO%2FJn1SAx76bCu5GebFWKKQc9JXCpqi%2Fn317usubg2%2B3joXafX%2B71mdQR3qlkX%2BuZcUOWhOD5WXEIE8BsHeklean%2BVEts6%2BGThVf7k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76eca3313f779066-FRA
expires: Thu, 24 Nov 2022 20:26:01 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame B1DB 20 KB
20 KB 76ms
48ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 618547
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4Bh4u5QiTPsixMlXU9wGFrSlg4wvoEZA%2FYsbLBoicEbf5MVZREa25x3ZiVb4ayvPrbmwfqFn5sfZcE%2B3r57xoAq4KDTn4PzpBtz%2FHPx9xicT5LQvw3VcxpoUiNLaUn%2FtIfsFLzaPZRzB6Ol"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76eca3313f729066-FRA
expires: Thu, 24 Nov 2022 20:26:01 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame B1DB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COua-saRxfsCFUFW4AodOQUJDA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112321260278820881863X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

245ms
33ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112321260278820881863X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 23 Nov 2022 20:26:02 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022112321260278820881863X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Wed, 23 Nov 2022 20:26:02 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame B1DB 16 KB
16 KB 51ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2593981
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EBXSL1xP9aql8jEoOc2DfulHie7ab7jaekeESoMCR7aZf0lty0R3rf%2FojcjxIt4L%2Fjg6MV%2BmPFosCpqCiH01fOlvI%2B7iBkdqAmEyelzZIWubVpndAj8FMGe8cfEtypoZmD0Ti2DyLVf6nJi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76eca3313f749066-FRA
expires: Thu, 24 Nov 2022 20:26:01 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame B1DB 222 KB
222 KB 72ms
49ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197101%2C19491%2C188429&b=qGXsmf1WUJVA2uZHgHDtJtXXxaPTgTq4s3%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2C9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hd&f=R5Xfgf6QFGd2RfkHwH3tzCddDawTzT7gs7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C1WDCbfAKf4XBMC9HdH9tpC239sRTKT92hA&c=300&d=250&e=&g=cbb14b517a5a5e9c42b721763324e787%2F16850406444625008892&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1669235161553&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j2tdga7ewp5998w4kebp263mnarjqbngbdshy2gphyhbz8nk66c0g61ms2zekmgkrvrk6btge7jsa69g3swwbsban9te5hxtap8ze5w1w9bjdt372qz0spzjnqggzc84wgagjav26swtb3c0h580n1cerdtkwbx8f6jb0559147fm8t8wrtvfbbjkm84fq7bn4gj6gxpxjby4jfng7j8nhetv5gebagvc5k1420ytn8wa5zywfhbps05rh38z6q06zz8jgsnyby2v6wktng%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCek5914F-Y477LZSa78EP-9uo2AiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNjQwOTkzMTE4OTIzODgzyAEJqQLTD1FBg2KxPqgDAaoEvwFP0BZ_SX7TEXrveAbktI4RwMaGmuIpBGczmN6qITg9PfxViqu47Z2k7nV6cEZBKUl0HJ4OV9mQJVgbnys3em8Xqx2OhKFVPVhB6qkU0s974gZU_b1_L0TEtld3Typp5ktUiXFttYb6y3wGZ5VKBweIM3upxYS1FAe3t-xPxA86An3VjWRJkThrPCjpwFq6ZvkyLTEwg7oivUbPE9f-sZUagQHqQf19XsgCwhdfT9kG-rD12GgfJFUwnbVnDM-1N4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0MgwVFKFFmkURnAouRSk-zRpeVgg%2526client%253Dca-pub-1640993118923883%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2592935
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNk%2F%2F3d9a38DgvVWfyOr9KBKdAD4nA%2F7%2FVyig1F3DOcHbvY2xmfu3zWjIM6lSxYJJ3NcQWAccivM6OQXVK0SNhd9oC5DkjaILndqMWECK%2FMxDLnrhzF%2B6FHaBlB4dDzHZL7R02G8PHFwnyMs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76eca3313f759066-FRA
expires: Thu, 24 Nov 2022 20:26:01 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame B1DB
Redirect Chain

https://www.awin1.com/cshow.php?s=2470172&v=11354&q=377133&r=412871&pv=1&pref3=oneid9RxtMfWmhdME9tKHBH2t7trDKCwTmT95hdoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1669235161_0c37bc60-6b6d-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

0
638 B

124ms
61ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1669235161_0c37bc60-6b6d-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:02 GMT
via: 1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 106506687
cache-control: no-cache
cf-ray: 76eca332de609bb2-FRA
expires: -1

Redirect headers

Date: Wed, 23 Nov 2022 20:26:01 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1669235161_0c37bc60-6b6d-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 1Qa-LcoV0Tm100000000U9nJl5vQly_opKnrmpyiZT5_bXrEiBpUM9VC00IUC97GLq9Yth4fooKOKXc1ufb_M9PwWyHBcO2ysXGWqSe88Zj1ia30n32JiOiRmbx8U0B2O5Z9w0DbxMMy5S33S1JCFyi8qdGLJDvbP91XOFZBE0jexbmcaCXIfbFC30nhcNw1L3Bz1... Show response
yandex.ru/an/rtbcount/ 43 B
92 B 83ms
82ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Qa-LcoV0Tm100000000U9nJl5vQly_opKnrmpyiZT5_bXrEiBpUM9VC00IUC97GLq9Yth4fooKOKXc1ufb_M9PwWyHBcO2ysXGWqSe88Zj1ia30n32JiOiRmbx8U0B2O5Z9w0DbxMMy5S33S1JCFyi8qdGLJDvbP91XOFZBE0jexbmcaCXIfbFC30nhcNw1L3Bz1u9NJ09BdXdz_CF2o20rSOk4vZjMXhzCB20dCBC2oLvcHI0vbHcaUIupo7qhWQG2o5QMZSm_zIzfIQP5CvralkPOiI2LPuNVLR3Aks3o9xE34p_OWIjOkiGti33kO64zmC9uWUNFswsdkoPEcIf-amNYWG_s3raQjAUyJJI_OV-M1UID1Qoy9rdtS761fI-mDZGqiTnalURBDE7yId7shwmWbtUmDR3COBjoE7W1svFddTqxlgnzaBUI3MRC0JQF4spCZzXu0_9Sh3ABIyrBywjIp5-omIpy2MTDP8yt-vbXvVhEVXOxcvc5YRcnyGPsfXtiF2VOnH-mFpnmzMJdYtSJitwmym00mqAIlW00?confirmTime=2139000&confirmRatio=1000000&test-tag=385378825535490&format-type=118&actual-format=8&rnd=1446708326065&banner-sizes=eyI3MjA1NzYwNjkyNjM3MjI4MyI6IjE2MDB4MzAwIn0%3D&width=1600&height=300

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:01 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:01 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 069F 41 KB
15 KB 162ms
97ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

4f0fa35c5a44677cc0a678f03795032aa862275dc29e978a84a2ee41ef267c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15190
x-xss-protection: 0
server: cafe
etag: 16595884479219046262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:26:01 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 069F
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2YF-Y7uNPPHJmLAP0OK7wA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1107656558&crd=&is_vtc=1&random=1120587655
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1107656558&crd=&is_vtc=1&random=1120587655&ipr=y

42 B
548 B

116ms
37ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1107656558&crd=&is_vtc=1&random=1120587655&ipr=y

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1107656558&crd=&is_vtc=1&random=1120587655&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 069F
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=2YF-Y_qPPLXVmLAPi4uugA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2109742096&crd=&is_vtc=1&random=1821092731
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2109742096&crd=&is_vtc=1&random=1821092731&ipr=y

42 B
108 B

121ms
43ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2109742096&crd=&is_vtc=1&random=1821092731&ipr=y

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2109742096&crd=&is_vtc=1&random=1821092731&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 069F 256 B
399 B 88ms
73ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aee5lp4mqf021eb9271dys%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A700928013037%3Ahid%3A816849236%3Az%3A0%3Ai%3A20221123202601%3Aet%3A1669235162%3Ac%3A1%3Arn%3A304414934%3Arqn%3A1%3Au%3A1669235162227332144%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C73%2C66%2C1%2C1%2C0%2C%2C171%2C1%2C314%2C314%2C0%2C313%3Acpf%3A1%3Ans%3A1669235159502%3Ast%3A1669235162&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bfe0f3a49830f9747c91c63894d755ac010e19405eec498e230089882c5ec571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 23-Nov-2022 20:26:02 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:26:02 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 069F 43 B
136 B 409ms
408ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:02 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
etag: "637b3777-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 23 Nov 2022 21:26:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E02 0
11 B 19ms
18ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DM2Byg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 20:26:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 WP0ejI_zODq0DGm0b1HB5XBgxLxy5mK0tG4GW8200J7NWNvZ000003Z8dSK1Y082kGAhD_6sPOFN9_02i9VSYGRGL_050Q06o0791jTrVxuvx9adgGVy1ALB_AR3OB07W82G9D070lW4gWiGfEOo-Vm40G0QaRGOAUxm2mRW3OA0W860W82819WEreFXWzgCWzHEg... Show response
yandex.ru/an/count/ 43 B
227 B 83ms
79ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WP0ejI_zODq0DGm0b1HB5XBgxLxy5mK0tG4GW8200J7NWNvZ000003Z8dSK1Y082kGAhD_6sPOFN9_02i9VSYGRGL_050Q06o0791jTrVxuvx9adgGVy1ALB_AR3OB07W82G9D070lW4gWiGfEOo-Vm40G0QaRGOAUxm2mRW3OA0W860W82819WEreFXWzgCWzHEg0_yYOJSnT_fuM2G48MizVx3ujZhSiWHnkIgc3m2u1G1y1N1YlRieu-y_6F95l0_s1Q15wWN3T0O8VWOlxp4X9Ybexw60O0PYHcy2hWP____0S0Prfk9WFcvwei7qXaIUM5YSrzpPN9sPN8lSZSrDYqow1d03F0PWC83c1hKmrEm6qYu6mE270rGRaGwQNDrDtLlUcGtwHo07Vz_W202Y20CiY49DZWqE3CoEZOnq27___y1rIB__t__WIC00000003mFn80V4RRCAD2U7AuTxIrDRAl2iCXcCE5Q2M6BIqVW7kLUcOi7DK2hWih4WMidMDEefgih_178OE83Eu1~1=WLaejI_zO6e0VGe0H1CmQz6aQW6od8-GvjVyhxC1W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcPAPthu1e0AE-eK1i0FF0eW5oAi1a0M0mH2m1PgP1BW5cfa4m0NJhOa3o0NXW6JG1V3M0QW6o06f1_m4fKlyfiDWk0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCcmR84C2ma8A84W6G4W6e4_pjjSkAaPIL5u0KW8221D0K_yI1KEWKZ0B95l0_c1UNjRGim1UrrW6W6S01k1d___y1WHh__uiaNcDOkg0QwulShkpRt-mog1u1i1y1o1_baP1HgI3TVd0JUKQbFxWWvvCeiY49DZWqE3CoEZOnrIB__t__WIC00000003mFmO0ITS84oK60hx8IL6ebCv_ls_60ODjeWW0~1?stat-id=2&test-tag=385378825591313&banner-sizes=eyI3MjA1NzYwNjkyNjM3MjI4MyI6IjE2MDB4MzAwIn0%3D&format-type=118&actual-format=8&pcodever=684733&banner-test-tags=eyI3MjA1NzYwNjkyNjM3MjI4MyI6IjU4MTY4MSJ9&order-banners-options=eyI3MjA1NzYwNjkyNjM3MjI4MyI6MjA0OH0&width=1600&height=300&confirmTime=2128000&confirmRatio=1000000&wmode=0&order-banners-options=eyI3MjA1NzYwNjkyNjM3MjI4MyI6MjA0OH0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:02 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:02 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 069F 3 KB
1 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1669235162121&cv=9&fst=1669235162121&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa2790693866108a862f7d6ea9f7fb0477f2e951bb2ec16bf4eca70bdbe8a60a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 069F 3 KB
1 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1669235162129&cv=9&fst=1669235162129&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0b7af4b1990d4ef49be5937fb16f0b6b89667193d679a1c8550e1762d6b4561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1039
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 069F 3 KB
1 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1669235162132&cv=9&fst=1669235162132&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a5957607035b9218cd614c43731235c3285204943b7ca8af5180cfdeb3407c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1038
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 069F 3 KB
1 KB 86ms
77ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1669235162135&cv=9&fst=1669235162135&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af752d19cded4c098fdc9a47261f7f3d39098b1feb7709a2b2c3cedc79b8148a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 069F 42 B
64 B 113ms
103ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1669235162121&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=2096658701&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 069F 42 B
108 B 54ms
42ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1669235162121&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=2096658701&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 069F 42 B
64 B 111ms
102ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1669235162129&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=2910959658&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 069F 42 B
108 B 56ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1669235162129&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=2910959658&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D2A7 42 B
64 B 108ms
108ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvr-cTZD0PTDcnShnIy2Ao_Km-B6Wf8TGycuGJK4J55pw3EE14kyvlSQVHUaF5_rCchC1nu_1nvPoUte_PIIUw6yjVkXuvewtAlLZWlS3uw8PS87ELo2xhtUey5c6JV62RS2OXyaQ&sai=AMfl-YRFmV0K0EZ8TF2GhjcDfglWMkjeWz-ome65Vyk6f3x5Q6DHiDm90qY88_ey4vJhZs2I5tj06dAgQT8zk8c&sig=Cg0ArKJSzGH2MpUM-mejEAE&cid=CAQSGwDq26N9TXmtc-JEO6a624r-hztDeQXvQYP4yBgBIBM&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669235159796&rpt=1394&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 069F 42 B
64 B 101ms
99ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1669235162135&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=1386950094&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 069F 42 B
108 B 44ms
43ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1669235162135&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=1386950094&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 069F 42 B
64 B 94ms
93ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1669235162132&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=3414960197&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 069F 42 B
108 B 37ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1669235162132&cv=9&fst=1669233600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fbauinvest.su%2F&async=1&fmt=3&is_vtc=1&random=3414960197&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 069F 439 B
474 B 131ms
56ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fbauinvest.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aee5lp4mqf021eb9271dys%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A1%3Als%3A609599561056%3Ahid%3A816849236%3Aphid%3A901723695%3Az%3A0%3Ai%3A20221123202602%3Aet%3A1669235162%3Ac%3A1%3Arn%3A531215925%3Arqn%3A1%3Au%3A1669235162227332144%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C73%2C66%2C1%2C1%2C0%2C%2C171%2C1%2C314%2C314%2C0%2C313%3Acpf%3A1%3Ans%3A1669235159502%3Arqnl%3A1%3Ast%3A1669235162%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(42700)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c94b6217dd814c1a04a0eed8beaefaf905ba84669b31a511add43825cfafd5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 23-Nov-2022 20:26:02 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:26:02 GMT

POST
H2 200 86337058 Show response
mc.yandex.com/webvisor/ 43 B
145 B 591ms
267ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/86337058?wmode=0&wv-part=1&wv-hit=901723695&page-url=https%3A%2F%2Fbauinvest.su%2F&rn=782915584&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669235162%3Aw%3A1600x1200%3Av%3A923%3Az%3A0%3Ai%3A20221123202602%3Au%3A1669235159782487804%3Avf%3Ahfefmzcw94fsyu18inugs%3Awe%3A1%3Ast%3A1669235162&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:03 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:26:03 GMT
content-type: image/gif
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:26:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2209143065621289&bg=!fn2lfTnNAAbvMpMzzzI7ACkAdvg8Wq4yLswlZxcqxKNaoADKCTriaI9zBuDD0m5G9YVDr_0tQg3JTAIAAAGNUgAAAAtoAQeZApV4DdTEFYPGGgjq7eo4Pl92bE5_pesxAjjI-ae6J5s6krUKsUGC_QAUSbc_otAmaQmDQflZ-JJ0YnWcU6qnpSwULBsjIxy8XklWZGpxbqY6fAcljik1ytylQ12XUy-TuXfQ0jLKNxq-vF1nLbocUsimLqmg__Q0D3Fks_Lz04w2HR-DbWUW1Dwv4gPnSjUYC1zrPC22C3r9Rc16KwPmLKzOKTPv0Zjtog1cjoF09VXesRsjFjMUyVP2OeDZtTtxvBo7e8vMTpYB2Ta5U1doqACzDdu31BQbvDqJWQVVO4Cm4zht3ai2vj3nzWr-JYjmy26Su3jSB33HQpsRekKpZ6SIKEG0hZpIqdMvpfPlZEmUzJwd726MQQzVqcfDmUSvZEXgRPatxi3HBQlJUZUEFfWvRBfm7j6GdvuhoeA0CqEt9kUmGvffvlUVNj3noeRU6B6HUEtpnT-t_WN5yIDVMlZ6HOs40mR45snqmGaIj7byGubm3KlJ04kefaGx6h-mJn7MsIhILcV04dWqPzuvVsLey_xlaz-AeAEbB_qKWR_A3gFF0xXOw0Qz1v9yp3l0N23d2_UiA_LgKtWj1oeteJAr7GVCekp-FlTkNb-5RXkqSGXEko7DoQFgVmTWGh9ecZgBpn_n92BbENp1PCipMBJbdmftDcgz6DozUD0gBZTvHebVtF29oIz13ylPFYv1rzim40i49aE_AkR_yRstagBxpROznR2wtZkBUEhZzsQM1ow2fV6pIFYavPMH3hJv2_ioyXttrAcLI_ZD06TcQLHJd8jNMo_ivyvXh4gxBPImbeMMEdfcadGFb2j875lRc0cOkbvapoqjiqa7VG9cTWUKyvJXSh_ISBD23aCM3_1epuffuxaP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H2 200 86337058 Show response
mc.yandex.com/webvisor/ 43 B
73 B 186ms
186ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/86337058?wmode=0&wv-part=1&wv-hit=901723695&page-url=https%3A%2F%2Fbauinvest.su%2F&rn=1029057232&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1669235163%3Aw%3A1600x1200%3Av%3A923%3Az%3A0%3Ai%3A20221123202602%3Au%3A1669235159782487804%3Avf%3Ahfefmzcw94fsyu18inugs%3Awe%3A1%3Ast%3A1669235163&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:03 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:26:03 GMT
content-type: image/gif
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:26:03 GMT

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
167 B 122ms
63ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=14&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=510&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235163274&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:03 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:03 GMT

POST
H2 200 log
log.strm.yandex.ru/ 0
69 B 138ms
79ms Ping
text/plain 2a02:6b8::28d
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?VAS=684465&event=VastTracking_impression
Requested by: Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bauinvest.su
access-control-expose-headers: Date
date: Wed, 23 Nov 2022 20:26:03 GMT
access-control-allow-credentials: true
timing-allow-origin: https://bauinvest.su
content-length: 0
x-request-id: 1669235163374392-8561021182634555378

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
53 B 467ms
411ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=13&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=511&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235163277&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1121531090%3B0%3B40f4d41349f8bf65%3B6972600250896811260%3B0%3B1615716%3B2%3B0&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:03 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:03 GMT

POST
H2 200 86337058 Show response
mc.yandex.com/webvisor/ 43 B
73 B 69ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/86337058?wmode=0&wv-part=2&wv-hit=901723695&page-url=https%3A%2F%2Fbauinvest.su%2F&rn=522291756&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1669235164%3Aw%3A1600x1200%3Av%3A923%3Az%3A0%3Ai%3A20221123202603%3Au%3A1669235159782487804%3Avf%3Ahfefmzcw94fsyu18inugs%3Awe%3A1%3Ast%3A1669235164&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bauinvest.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:03 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 23-Nov-2022 20:26:03 GMT
content-type: image/gif
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 20:26:03 GMT

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
125 B 74ms
72ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=1&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=511&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235163993&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1121531090%3B0%3B40f4d41349f8bf65%3B6972600250896811260%3B0%3B1615716%3B2%3B0&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:04 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:04 GMT

GET
H3 200 cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 349 B
288 B 16ms
15ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/3cdc7b676e4307767976b64e94f3c4a5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 11:08:11 GMT
age: 551874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:11 GMT

GET
H3 200 2185dce47bd07b77ada4a81889dba2c6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 11 KB
11 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/2185dce47bd07b77ada4a81889dba2c6.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907d7ef409c89a549ed62e9b4fd5af7dce60f6f1acb57d2f8ded07685e85a90

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 17 Nov 2022 11:08:12 GMT
x-content-type-options: nosniff
age: 551873
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10787
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:12 GMT

GET
H3 200 80ef6e9e4c5dca89db8e2860a6735286.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/ Frame FDCF 10 KB
10 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/media/80ef6e9e4c5dca89db8e2860a6735286.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa04ea165cc1dd7cd8d8884d6875f754b2ba86945e453114eeaf9d51c2f14f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 17 Nov 2022 11:08:16 GMT
x-content-type-options: nosniff
age: 551869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10164
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 19:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 11:08:16 GMT

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
125 B 73ms
72ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=2&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=511&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235166472&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1121531090%3B0%3B40f4d41349f8bf65%3B6972600250896811260%3B0%3B1615716%3B2%3B0&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:06 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:06 GMT

POST
H2 200 WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05q...
yandex.ru/an/tracking/ 0
125 B 82ms
82ms Ping
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/tracking/WUyejI_zO2W1BGy0P1i000008gIfXGK0A08nru5-Om00000uo9t50M2y26W4W041Y064zzdJcW6G0VQsi8FWW8200fW1zhQmWs2u0OJ7cj0bs07Aew2Y0U01bfMlcG6W0exwXG700WlGL-W4pmBu183148W5oAi1a0M0mH2W1TA41QW5cfa4i0MQcGIu1PgP1C05qws90yW5uO1au0MK0Q06o06e1iW1oGRNTN--EUoP9wa7_0IbI_ocms2u1u05q0SM2j08keY0WSA2W0Re2GVTVd0JUKQbFuWB1AeB4AJcCldy10406f6q62dk1G3m2mRW3OA0W860W8281DQ3uOFQZ8FKJg0Em8Gzg0_yYOJSnT_fuM204ENFk270i922W1I0W884g1I0mH02q1J_n85Gs1IKaSkP1k0K0TWMXQpr_iFYsEjoWHVmFvWNbxMqBD0Nq8O3s1UOqZtG627u6C6AzkoZZxpyOu0Pk1e3WXmDK6v4EcbpTJTrRtfaD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VvS-u8R0V0SWVvP6GKT8V1ZOuD3SpC-0W1j0X____0TKY__z__u4Z00000000y3yD0BuwoiD8cmHovLA8ByN8Qw8MWrxcArMEaKSWfADpuSf1YZtTcidQQA_8O1G0~1?action-id=3&adsdk-bundle-version=684465&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=511&adsdk-container-height=287&video-avatar-width=511&video-avatar-height=287&ad-session-id=169841669235159033&vsid=271750227d71ae598a00461454a8bad721374a67ebbbxVASx4733x1669235159&top-ancestor=https%3A%2F%2Fbauinvest.su&top-ancestor-undetermined=0&client-ts=1669235168971&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=684465%2C0%2C19&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1121531090%3B0%3B40f4d41349f8bf65%3B6972600250896811260%3B0%3B1615716%3B2%3B0&product-theme=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/vas-bundles/684465/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bauinvest.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 20:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 23 Nov 2022 20:26:09 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://bauinvest.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 23 Nov 2022 20:26:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 07:42:01	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 07:49:13	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 07:42:01	Name: pcs3 Value: 1
.yadro.ru/	1970-01-20 16:24:46	Name: FTID Value: 1ZVe7M2yL8eR1ZVe7M002BgP
.bauinvest.su/	1970-01-20 16:26:11	Name: _ym_uid Value: 1669235159782487804
.bauinvest.su/	1970-01-20 16:26:11	Name: _ym_d Value: 1669235159
.bauinvest.su/	1970-01-20 17:02:11	Name: __gads Value: ID=88ee598f9fa4863e-22cf5e0bcecf0000:T=1669235158:RT=1669235158:S=ALNI_MYRg3wAxyFQhXJdNbOux3KgB2ANVA
.bauinvest.su/	1970-01-20 17:02:11	Name: __gpi Value: UID=00000b8660432e50:T=1669235158:RT=1669235158:S=ALNI_MYH4I7grJo-jQdCGZlKKQVIGncDLw
.mc.yandex.com/	1970-01-20 07:40:35	Name: sync_cookie_csrf Value: 1076920119fake
.yadro.ru/	1970-01-20 16:24:46	Name: VID Value: 1mptMY1RhDeR1ZVe7M002PSg
.bauinvest.su/	1970-01-20 07:41:47	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 07:40:35	Name: sync_cookie_csrf Value: 660669601fake
.yandex.com/	1970-01-20 16:26:11	Name: yandexuid Value: 3021280951669235159
.yandex.com/	1970-01-20 16:26:11	Name: yuidss Value: 3021280951669235159
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2489260961669235159
.yandex.com/	1970-01-20 17:16:35	Name: i Value: wPnpmK68xdZx4WerO47osFxyvgyBtR6A0WZQLdTqI17H9+Gen4IlhqJnw5RLsOOL2EFff/VXmzI1uJC4n78ZNdKoUeU=
.yandex.com/	1970-01-20 16:26:11	Name: ymex Value: 1700771159.yrts.1669235159#1700771159.yrtsi.1669235159
.bauinvest.su/	1970-01-20 07:40:36	Name: _ym_visorc Value: w
.yandex.ru/	1970-01-20 17:16:35	Name: yandexuid Value: 5455616711669235159
.yandex.ru/	1970-01-20 17:16:35	Name: i Value: yfrm3lAo9phow6ZbzSUQxtQ2nm4dI1JoXXLjSUjeF5Y0+/BXFTigmCBW15PvgGoB5wwMwb9GgGc9aKCotveLJBmGfhw=
.doubleclick.net/	1970-01-20 17:02:11	Name: IDE Value: AHWqTUkHYGj5lFLQJHuywFxe_O6dGgLc6I1oUR3pDXuJy7xeMvJLckf6AN0O-DyMwYY
px.arcspire.io/	1970-01-20 08:23:47	Name: arcid Value: aef69e38d084d8333f3302
.adx.opera.com/	1970-01-20 16:26:11	Name: UID Value: OPU7763dbf575fb421abc300e0d1d363328
.360yield.com/	1970-01-20 09:50:11	Name: tuuid_lu Value: 1669235160
.betweendigital.com/	1970-01-20 16:26:11	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 16:26:11	Name: ss Value: 1
.betweendigital.com/	1970-01-20 16:26:11	Name: tuuid Value: 84f1281a-75fb-5247-bfbe-2050dcc0a188
.360yield.com/	1970-01-20 09:50:11	Name: tuuid Value: a22d4996-b288-4fbd-a07c-7e931c5647a5
.acint.net/	1970-01-20 07:40:35	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 17:16:35	Name: aid Value: CkIDFWN+gdgrUAJ6HvXRAqKVVreHS4Bce21BvN9kh6AMY1uA
.tns-counter.ru/	1970-01-20 16:26:11	Name: guid Value: 10896A34637E81D8X1669235160
.yandex.ru/	1970-01-20 17:16:35	Name: yuidss Value: 5455616711669235159
.betweendigital.com/	1970-01-20 16:26:11	Name: ut Value: Y36B2AANlJAu6Op9sqVHYcneMPHMRiT0S6OakA==
.dmg.digitaltarget.ru/	1970-01-20 17:16:35	Name: viuserid Value: yIN-Re4IxLCSOAx7qfno
.demdex.net/	1970-01-20 11:59:47	Name: demdex Value: 82957793911643375874048103532513244136
.360yield.com/	1970-01-20 09:50:11	Name: umeh Value: !429,0,1731443160,-1
.acint.net/	1970-01-20 08:23:47	Name: cSyncDp14v3 Value: 1669235160
.agkn.com/	1970-01-20 16:26:11	Name: ab Value: 0001%3A6BnaztaVu6mWtBpXisdECpORAC27KZ3H
.agkn.com/	1970-01-20 16:26:11	Name: u Value: C\|0CEArET5YKxE-WAAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 16:26:11	Name: CMID Value: Y36B2ANfGvynJ-UQj1gxsQAA
.casalemedia.com/	1970-01-20 09:50:11	Name: CMPS Value: 1220
.casalemedia.com/	1970-01-20 09:50:11	Name: CMPRO Value: 1220
.quantserve.com/	1970-01-20 09:50:11	Name: d Value: EG0BCQHSJ4EA
.quantserve.com/	1970-01-20 17:10:49	Name: mc Value: 637e81d8-b9397-d071b-bff92
.dpm.demdex.net/	1970-01-20 11:59:47	Name: dpm Value: 82957793911643375874048103532513244136
.pubmatic.com/	1970-01-20 07:42:01	Name: KTPCACOOKIE Value: YES
kimberlite.io/	1970-01-20 09:50:11	Name: u Value: Y36B19CoHlw~bIk7iO0MXmXn4cqeN9Y1Cv--p_4
.weborama.fr/	1970-01-20 17:06:30	Name: AFFICHE_W Value: 8P4WHNM@Jqnw78
.pubmatic.com/	1970-01-20 09:50:11	Name: KADUSERCOOKIE Value: 14A2C494-2887-4397-B40B-3BCC19D1E656
.360yield.com/	1970-01-20 09:50:11	Name: um Value: !429,PJqfmM9Hdi2Ga7gPKN2ZEAo9gIiuA6AP7hvTr8maMLkcWKHujscLg8yqPy6YyzEqQtg,1677011160
.casalemedia.com/	1970-01-20 09:50:11	Name: CMTS Value: 1142
.ssp-rtb.sape.ru/	1970-01-20 17:16:35	Name: sspuid Value: CkIDIWN+gdic6wAeIC/HAq9bMZSvCTdqqrD4ohSc8m8ABCWV
.uuidksinc.net/	1970-01-20 16:26:11	Name: jcsuuid Value: rgwdTNX5w3C5nxbPm3HQ
.doubleclick.net/	1970-01-20 07:40:38	Name: DSID Value: NO_DATA
.sonar.semantiqo.com/	1970-01-20 17:16:35	Name: semantiqo_a Value: 6d74b238c1c44ae6ab9b2e793a37a78c
.sonar.semantiqo.com/	1970-01-20 16:36:15	Name: check Value: d17a462bfafb4392b24fb56673b1ec3b
.adhigh.net/	1970-01-20 16:26:11	Name: gi_u Value: uMm4hHRqR8T6.AikABlGEpis4FA
.mts.ru/	1970-01-20 16:13:13	Name: dspid Value: 99ba541c-8ec3-462d-a53b-d2cfb29d9ef4
.adhigh.net/	1970-01-20 16:26:11	Name: yandexssp_sync Value: jZj
.1dmp.io/	1970-01-20 16:26:11	Name: uid Value: 0bedbb11-6b6d-11ed-8677-901b0e934d81
.upravel.com/	1970-01-20 07:40:35	Name: session_tptc Value: 1669235161411
.mts.ru/	1970-01-20 17:16:35	Name: mts_id Value: b734c22c-a0c2-46ca-9f4e-2377a29a1395
.mts.ru/	1970-01-20 17:16:35	Name: mts_id_last_sync Value: 1669235161
.caltat.com/	1970-01-20 17:16:35	Name: caltat Value: 7e33f2b5473f4fbda78c0e5efecbf973
.1dmp.io/	1970-01-20 07:40:35	Name: ru-seq Value: null
.upravel.com/	1970-01-20 17:16:35	Name: user_id Value: 04818ac9-cc1b-4a88-891f-d600095315a6
.rutarget.ru/	1970-01-20 11:59:47	Name: userId Value: lfvOCNNEjqXl
.magnitent.com/	1970-01-20 17:16:35	Name: sonar Value: 6d74b238c1c44ae6ab9b2e793a37a78c
.magnitent.com/	1970-01-20 17:16:35	Name: ct Value: 7e33f2b5473f4fbda78c0e5efecbf973
.magnitent.com/	1970-01-20 17:16:35	Name: spid Value: CAB2A17849AEC067
.magnitent.com/	1970-01-20 08:25:13	Name: 3db Value: CAB2A17849AEC067
.yandex.ru/	1970-01-20 17:16:35	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 17:16:35	Name: is_gdpr_b Value: CIy8DhCPlwEYAQ==
.aidata.io/	1970-01-20 17:16:35	Name: __upin Value: eU8nD65HpcLclmSIY7/YKQ
.aidata.io/	1970-01-20 17:16:35	Name: __upints Value: 1669235161
x01.aidata.io/	1970-01-20 07:50:39	Name: yaya Value: 1
.awin1.com/	1970-01-20 07:44:54	Name: awpv11354 Value: 412871\|1669235161\|0c37bc60-6b6d-11ed-9792-223985e9a9b7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377133:2470172
www.conrad.de/	1970-01-20 07:47:47	Name: HTLP_timestamp Value: 1669235162
www.conrad.de/	1970-01-20 07:47:47	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 07:40:36	Name: __cf_bm Value: oMoCZ7fbKCgkwplbuKx41dVCvXtnJu72fN89rPsJNhA-1669235162-0-Aa/1ojv7k+iMHoSTae3oA3UZEQxSmZLxKWWCqdThvoolRKlfJe/AuwdpbVudk254NLGXaALv5p9uJtCzXyA4rr8=
.o2online.de/	1970-01-20 07:50:39	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY5MjM1MTYydmxlYTFkZTIwMjIxMTIzMjEyNjAyNzg4MjA4ODE4NjVYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 07:50:39	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 07:50:39	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022112321260278820881865X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY5MjM1MTYydmxlYTFkZTIwMjIxMTIzMjEyNjAyNzg4MjA4ODE4NjVYMTE3NzAzVjEyMjYxMzI3MDJNU
.blau.de/	1970-01-20 07:50:39	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY2OTIzNTE2MnZsZWExZGUyMDIyMTEyMzIxMjYwMjc4ODIwODgxODYzWDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 07:50:39	Name: nscQ486 Value: V
.blau.de/	1970-01-20 07:50:39	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022112321260278820881863X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9831.n-Buxu7EAU16ut0SIgP5P8HBORjqJuoYwwsuSfQNwLfMggWj86m4utYO1lCZ0W62aPKxw-5F9DYZhEaPiiqOlA%2C%2C.eyZ85jBL6zGEo15XBSCImNqjsN4%2C Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9312090110594362970/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ad.doubleclick.net
ad4m.at
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
as.ad4m.at
assets.ad4m.at
avatars.mds.yandex.net
bauinvest.su
cdn3.caltat.com
cm.g.doubleclick.net
cm.tns-counter.ru
cms.quantserve.com
counter.yadro.ru
d.agkn.com
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
ext-strm-itt06.strm.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
image6.pubmatic.com
kimberlite.io
log.strm.yandex.ru
match.360yield.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.openx.net
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssum-sec.casalemedia.com
static-de.ad4mat.net
strm.yandex.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tpc.googlesyndication.com
www.awin1.com
www.conrad.de
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
142.250.184.198
172.217.16.194
172.64.154.237
176.9.79.218
185.15.175.148
185.64.189.115
188.42.34.64
188.72.107.228
193.232.150.45
193.3.184.210
193.3.184.228
195.201.57.28
2001:41a8:104:3::8
2001:6d0:4001::226
213.87.44.187
216.58.212.130
217.66.147.33
23.203.81.208
23.88.12.14
2600:1901:0:76b9::
2606:4700:20::681a:e45
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2606:4700::6812:7f05
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::28d
2a02:6b8::487
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
3.248.125.109
31.172.81.158
31.220.27.155
34.98.67.61
35.157.182.139
35.177.4.157
35.186.253.211
35.190.24.218
37.18.16.22
45.130.41.21
45.9.24.193
46.4.41.145
52.211.148.182
52.45.175.185
54.77.23.81
69.173.144.165
78.46.100.125
80.78.249.201
81.222.128.215
82.145.213.8
84.200.5.215
88.198.16.238
88.212.201.204
88.99.63.132
89.108.119.43
91.192.149.30
95.217.109.66
95.217.86.150
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03ee9456f106cca573ffbe508a3dd03e3875f5c96878c495be8a30d76eaa75ff
054175fd1241944b5b6cc8aa44aa51904aaa24617a9d866478f10344ac818901
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7858f80025e6681c82ad90c811daafc451bcd6c66c974236d35d5650f9703c
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a769cb78fa2e1290f2c89a5a5da6757ccbb991d545fcd2b08e00c71e5e630bb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ed46beb4837b8ea9adb79bb1396a83f3fc88f5e904a4e781825c91284da2de5
2993be5722eab3cf074bb6a827d3f898b26cc133feddb38f1d5d98114ad3f1ef
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3907d7ef409c89a549ed62e9b4fd5af7dce60f6f1acb57d2f8ded07685e85a90
3b8e92f7fca6451069a3ffd853597ad9c7ccc075bcf1bb326ec866579cf5e0cb
401de6f106bbeea4555dfe05a50e1d5ad2500c037a4f098eff279d12cd39a55b
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
468f9f117aa33043232668ac8a3e04ef67567dd43bd28dde9a3e58353c5f42d8
47a56c90157ce2e0292668f6294a3a74c48ba37a7d457a2a57b1f3641e0e3299
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a5957607035b9218cd614c43731235c3285204943b7ca8af5180cfdeb3407c5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0fa35c5a44677cc0a678f03795032aa862275dc29e978a84a2ee41ef267c10
526de1df499ec6af5ca31bddf53c5582c5b23dd9c77bf22e9d3c36ab3c4c2b35
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c94aadfbe04dda0b0b5e2caa901efbab78ea6092ca3fa63d849c7e66688269f
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d8c2381e125aad264dbe70c204b1b56c74728dabd91cadc475996aa92932ff3
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dc503c777db5a88b1222664aff25b15d27b354dad07cc42bf1c9f79b06011e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6448707333e2cd315212bb14e3ec42b201f2a08cc7bf8aad63de93149dd86479
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6a9ffd212b49ebb3c4972bf0596b49e6e82d8df757a3a989d4cff99b20d64526
6aa04ea165cc1dd7cd8d8884d6875f754b2ba86945e453114eeaf9d51c2f14f9
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6e8683af9a1562be54a15204a33238e1d04f7dea2760248a36cca6c88c619165
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c00ac380900e94b176e5391058c3a3a65b297c77f084e6a02ac1966bc8de302
7f012146b4bce97b1fd2b6c58c5af9069ee6853ae409d8e9b9fea0a001e9f70f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85d5f7d7ec9a5967dd34903106e364774ab147a7dae3e590b8edc82ce0dd3e7b
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
9047c638b761185e700c2a98f9b39bb527417d847e29073f8e68fc02146ad2d3
921d001dcd0930a15a3000a9fa96d5252da111fcbefe7d0b58dafb77e2a6edb6
9335e718fbdc357cb13cf4082e08d2ab7556950e73cfdddf2ba61c3312a27678
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0f7cf1d6255532e292f05baf86f489e7976487063307745c6adc7d02b3fa63
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9d79741619059cd22aa195bf5a5c87246b51b51e31aa1d08511d13eb2d6bfddb
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e132e6ec1f3853fe883cd3eb4e56a97ef75da3de1f47c930b83a5e70dc886c5
9ea7295f5d44ae75e7f1628d20e59e496751192d59bd9e74a24ba191cd994324
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4480cf4143094a283f0f8410158bba81ea7a95d60a8e5f9753ff29d36d1ad11
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ae508cdc4d426bf343ccbe1cacdf2a1ee552faeb9f3400c9a5bfd052a98f59b3
af752d19cded4c098fdc9a47261f7f3d39098b1feb7709a2b2c3cedc79b8148a
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0b7af4b1990d4ef49be5937fb16f0b6b89667193d679a1c8550e1762d6b4561
b4ace525533da929faca003eb02308fde400531287444465bbaf9bdea4e90111
b726bc83cc8c5dfe31969086178144a65e10fec80a565829fd98a0fa73f72bf9
b9c60d04c36692faad09225bd6cba72fea821c051867c63fb0b6af46e1bd4107
bce3c6afc4dd5630c50984207ec7ecadb7ccd68ced786ebfc8e34ae84192d986
bf8c81c641ae05099a8851a4159922bbe89d6290cd3cc30292a9b0017aac5eb7
bfe0f3a49830f9747c91c63894d755ac010e19405eec498e230089882c5ec571
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c94b6217dd814c1a04a0eed8beaefaf905ba84669b31a511add43825cfafd5eb
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cd3cb76f65fb4683764319c66dfd9817da56f820f4abfd220246ac3de848aeb8
cde82220d2c4166b40c5a02ab7ec58f05ea15e8a3e38601d5e0be60fbe0714ea
cf91862ab9b02bebe5ffba10e1e3a2235823aa9375328589c8b1ea72a7ad3f0c
d0195a1e9cb09c7d786bb33423e210b95a19eb98008f219d30e7cefca8e1d397
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d1e5caaa74d4e1041d0699febaa811725558dd3c35b9e9d5df9b8ceefb26b17a
d2ba77c35106fd4575a7fa3a09aadd3b81b8af4059e9a9bd2ac903552ca52401
d2efd205901a97f2a22338f1053f1d28262df2e93547eb659f659615db658066
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f021f546bc2d10e64476240d6d87eb94eb3e9e62545969dbc1ceaa1b72b0523d
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f4f86f352861b0f7801ffda95f6a0eeb6e93bedb42d92d41922e5235705a0ce9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f645fd3780b597eb950ce2c193261d2f1b9560953e6adc075c14c055f60be019
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fa2790693866108a862f7d6ea9f7fb0477f2e951bb2ec16bf4eca70bdbe8a60a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fff31270d9ebd243b8bdff7aabdbba9519eabf8c8eaf878d58bef2444a634490

bauinvest.su Open in urlscan Pro 45.130.41.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

219 Requests

79 %HTTPS

36 %IPv6

60 Domains

79 Subdomains

42 IPs

10 Countries

2967 kBTransfer

6591 kBSize

87 Cookies

3 Outgoing links

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bauinvest.su Open in urlscan Pro
45.130.41.21 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

79 %
HTTPS

36 %
IPv6

60
Domains

79
Subdomains

42
IPs

10
Countries

2967 kB
Transfer

6591 kB
Size

87
Cookies

219 HTTP transactions
3 data transactions