dramasq.su Open in urlscan Pro
2606:4700:3031::ac43:a742 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dramasq.su/video/144162-2-1.html
Submission Tags: falconsandbox
Submission: On November 26 via api (November 26th 2022, 3:42:46 pm UTC) from US — Scanned from DE

Summary HTTP 191 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 29 domains to perform 191 HTTP transactions. The main IP is 2606:4700:3031::ac43:a742, located in United States and belongs to CLOUDFLARENET, US. The main domain is dramasq.su. The Cisco Umbrella rank of the primary domain is 298149.
TLS certificate: Issued by E1 on September 30th 2022. Valid for: 3 months.

This is the only time dramasq.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3031::ac43:a742	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	172.255.6.145 172.255.6.145	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
4	163.181.56.193 163.181.56.193	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	163.181.56.192 163.181.56.192	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
19	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
12	2600:9000:21f... 2600:9000:21f3:dc00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
23	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.110.157 142.250.110.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:25::9	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 12	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.64.190.78 185.64.190.78	() ()
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
191	42

9 2606:4700:3031::ac43:a742 (United States)

ASN13335 (CLOUDFLARENET, US)

dramasq.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.145 (Netherlands)

ASN7979 (SERVERS-COM, US)

rm.itczenair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

qdramas.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 163.181.56.193 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

g.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.192 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

player.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:21f3:dc00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:25::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edndy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182 ade.googlesyndication.com — Cisco Umbrella Rank: 313	581 KB
31	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 bid.g.doubleclick.net — Cisco Umbrella Rank: 859 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	170 KB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 590 pix.eu.criteo.net — Cisco Umbrella Rank: 4492 csm.eu.criteo.net — Cisco Umbrella Rank: 4579	102 KB
13	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4303 a.disquscdn.com — Cisco Umbrella Rank: 9939	540 KB
11	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	118 KB
9	dramasq.su dramasq.su — Cisco Umbrella Rank: 298149	56 KB
8	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1123 r4---sn-4g5edndy.c.2mdn.net — Cisco Umbrella Rank: 367465 s0.2mdn.net — Cisco Umbrella Rank: 332	237 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562	5 KB
6	disqus.com qdramas.disqus.com disqus.com — Cisco Umbrella Rank: 1398 referrer.disqus.com — Cisco Umbrella Rank: 6903	67 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107 imasdk.googleapis.com — Cisco Umbrella Rank: 492	137 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
5	alicdn.com g.alicdn.com — Cisco Umbrella Rank: 4380 player.alicdn.com — Cisco Umbrella Rank: 472597	358 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	189 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	3 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 7412 ads.eu.criteo.com — Cisco Umbrella Rank: 4506 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 5763	45 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2489	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5200	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
1	atdmt.com ad.atdmt.com — Cisco Umbrella Rank: 4122
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2331	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 411	457 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 787	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 956	463 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 300	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	695 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	43 KB
1	itczenair.com rm.itczenair.com
0	sd-play.com Failed iqiyi.sd-play.com Failed
191	29

	Domain	Requested by
34	pagead2.googlesyndication.com	dramasq.su pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
23	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net dramasq.su
12	c.disquscdn.com	qdramas.disqus.com disqus.com c.disquscdn.com
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
9	dramasq.su	dramasq.su
7	static.criteo.net	ads.eu.criteo.com
5	s0.2mdn.net	dramasq.su s0.2mdn.net googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	pix.eu.criteo.net	ads.eu.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	disqus.com	qdramas.disqus.com c.disquscdn.com
4	g.alicdn.com	dramasq.su g.alicdn.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	dramasq.su
3	ade.googlesyndication.com	dramasq.su
3	csi.gstatic.com	imasdk.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	r4---sn-4g5edndy.c.2mdn.net	dramasq.su
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ad.atdmt.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	dramasq.su
1	referrer.disqus.com	dramasq.su
1	a.disquscdn.com	dramasq.su
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	player.alicdn.com	dramasq.su
1	qdramas.disqus.com	dramasq.su
1	www.googletagmanager.com	dramasq.su
1	rm.itczenair.com	dramasq.su
0	iqiyi.sd-play.com Failed	g.alicdn.com
191	49

This site contains no links.

Subject Issuer	Validity	Valid
*.dramasq.su E1	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
rm.itczenair.com R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-22` - `2023-08-06`	a year	crt.sh
a.disquscdn.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-07` - `2023-11-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2022-09-04` - `2022-12-03`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://dramasq.su/video/144162-2-1.html
Frame ID: D5BEA6C78DE184BA7783337A428CD538
Requests: 28 HTTP requests in this frame

Frame: https://dramasq.su/static/player/aliplayer.html
Frame ID: 3F46E991DE879109BC66EC5EA0921DFE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 604C6FB5366385D52DC5E5CE03F97131
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
Frame ID: 1A96A6A08429D355DD58BF32C066DB0F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&adk=1812271804&adf=3025194257&lmt=1669477360&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360598&bpp=3&bdt=338&idt=332&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1556363333372&frm=20&pv=2&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=352
Frame ID: EB2A2BA16AF4933A9E53A7D7EAFD90B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=6494681079&adk=1890418503&adf=2653041513&pi=t.ma~as.6494681079&w=1200&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=1200x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360601&bpp=2&bdt=340&idt=358&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R5eFVaitU6&p=https%3A//dramasq.su&dtd=374
Frame ID: 98EC89FEF86C41D252A5A1B21AA9CCD2
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&slotname=4168137656&adk=378053847&adf=3235933448&pi=t.ma~as.4168137656&w=287&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=1&bdt=343&idt=383&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7fPNdEwwTQ&p=https%3A//dramasq.su&dtd=386
Frame ID: C69C3801C6B276112E58C85534EF2877
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393
Frame ID: 09BF09B9C85A57DD015F6AF6BD8C8179
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B00B3EEF3ECCBD3B91B8B9F3DC60F5F4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
Frame ID: E13C6569E9A18085F9EB7D7E75C30700
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 598FEB2BBC9329E35BB5F6EE40EA6210
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 38688FB474C2EE431A61162F88E1E273
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4Iz8QABNvwABiVEAAQv1wMg3EXoYQq_Dlfesw&u=%7CnZNdCgpOwOd95sqK3UNYFfWGUv0pgKkMhPJ0%2FeXcNkY%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9TOLHD9Ds7_1I9hDgzfPTGA0p6uh-UJpveCdSdsbo9WT9Cnxh6joohzOr4FQh0_tSyoGp7n8agFqL0a1S65lqW5HgN-2mn2BW0EU-J2e2wZHiZZyaGbZ0bJZdFRJclYfsyg7nphNEeZohKcU5hY7FN5btqNJcQ1ArZIIZN9-ZJci-QnQgDof49eTiQHlm20PXhUEXVAzNLIw166qWwjD5AD_m8JPu5vMenfWHjuHXM_qU7TGGDGrbT18t_UxQR29cPWzI1wdQOalkdJ751-GfdQdQAnGGPM6KvUiZ98gFwXMFLqX_jwDjwvwySZtek6JLZxLHZpHouql6w5fngKr24ozalMeVTl1_i_lHNAI8Pp2JpCUvogBLcZ_6rxN_tfTYKc80fczrzkWAMGVhdTOVKYp04NqVvC2PxDu2P8OyszENs7rdpynh7o6INDNwEl3V0-9IaxspQOr3Riz7gq9bNXA6Z57krqtckIc7alutVGbAEQ4HhfAb7fwPX3xwdf-OW63QiuyMHhCEhLPqKldWxNugf5NOySm-l3wiTIZp1t_I_r8xSY4y-T5KQCL6ZIs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBS-z8TOCY_ztBMTKmLAP19-QkArJntKxXLWY49aTAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05MzA0OTI4MzU5NTAxOTg1yAEJqQL9XeJ6n3CxPqgDAaoEzAFP0Fvh59H3qqofS8kt90L6pgw4RkMgn2OxeUcp29MlsGdLuigjBKaQchGS_UtquaUynuzDRzO33626hqV7ArWn-ukLdhygB298jERcijMndgZlD9_KZWgFe3XjFdwf0sK81DAqfwpzjJeKs0HhUncHmO5sdHlbbdpa_qzgP5i16sr1njWXlBawJIuzRFAuk64Wifp_l6tZWhew_uQoTrMtktU888ThtDoPgD466NtgDcx7O6J8YAgFZJEKcfjnH60m1A_-IjsUWHF3GJuABqufqc3aouL1J6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02m0lulByH9hJmMoYsSYGZQtP8_Q%26client%3Dca-pub-9304928359501985%26adurl%3D
Frame ID: AED5FC1BC6EC800E7857132FD9713AD3
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: BD1F07AFE0DE46A6FDF6B22B07168A53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B10442B87834342E7BA3F38EB296372F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgsLp1gEwAQ&v=APEucNVfNPgqbC8b_NC1qKjYwttoc1uz1Uv4ivLNSHcDsFJaa9uBujjS-jI5DMyD246EmZ4vFPcjy4Wq4Xn-ru7vWmFIfvRBK2Uunon4Fh_bHwujhiwzGqj6q8_MEi0hgp03dmXxrizXLBHzRkBGn-JkWEObcsibTnebMAsmAwMXYFCdH9wYuOY
Frame ID: 5366EBE7179EC966B7AA941737107406
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA0D8CF61CF18C7A40BF458F9FD62A93
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5427BA6DF481D6551A65B0B654F3AF1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html
Frame ID: BF79F6B82BCBE2D149DADFBEB93CB5D4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0DD9C007346936D52FFDE6B054728366
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13084743CF605437E2EA9EA86EED224A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

海賊王第901集線上看 - DramasQ

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

191
Requests

92 %
HTTPS

61 %
IPv6

29
Domains

49
Subdomains

42
IPs

6
Countries

2673 kB
Transfer

10146 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://gcdn.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/210409C076872AC11B3A2CE7D945A25A4DE9520.5812FF20E6C221821ED78D43C24E0F8FFF42B082/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edndy.c.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/26711CBDBA2BA615B5066E9445BE43066372011B.13281E7EBB3B5C871BAE43BFE69819D063BFD667/key/cms1/cms_redirect/yes/mh/v7/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5edndy/ms/onc/mt/1669476930/mv/u/mvi/4/pl/36/file/file.mp4

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1&C=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4Iz8zzBoPatVKJKEKsR4gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCWmk1GeuREyOtd_VbSvy4&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5Njk5Mzc4Mjg4MTk0MTY4Mw%3D%3D

Request Chain 168

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZu5FejJ-XlFZY_XF2iAJcbrV1V_EGx3QMMsQl86Zyvf928ORQyEbq_MXrkqGRAw9_9eYid7ek90-Rhjt1z7VNo8rtUGRWq&google_gid=CAESELMfJFr7KfZ4ZFU-ORdPcQU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZu5FejJ-XlFZY_XF2iAJcbrV1V_EGx3QMMsQl86Zyvf928ORQyEbq_MXrkqGRAw9_9eYid7ek90-Rhjt1z7VNo8rtUGRWq&google_gid=CAESELMfJFr7KfZ4ZFU-ORdPcQU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjYxNTQyNDQwMDA1NDI3ODc1NTIwMw%3D%3D&google_push=ASkJ3FZu5FejJ-XlFZY_XF2iAJcbrV1V_EGx3QMMsQl86Zyvf928ORQyEbq_MXrkqGRAw9_9eYid7ek90-Rhjt1z7VNo8rtUGRWq

Request Chain 169

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJVXCAq1ZPls65wEfiqKXrA&google_cver=1&google_push=ASkJ3FY_V4x7jxQN4-O7NxbG4L1A0u2dQYlmQptzVzB8lWQI0y63mzOyanEspTVfKjGX6G5m9CLlag9IWk0KWnHbf2qkxKChblo HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJVXCAq1ZPls65wEfiqKXrA&google_cver=1&google_push=ASkJ3FY_V4x7jxQN4-O7NxbG4L1A0u2dQYlmQptzVzB8lWQI0y63mzOyanEspTVfKjGX6G5m9CLlag9IWk0KWnHbf2qkxKChblo&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y-roMcKVQ7u0HJIaNg1G9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY_V4x7jxQN4-O7NxbG4L1A0u2dQYlmQptzVzB8lWQI0y63mzOyanEspTVfKjGX6G5m9CLlag9IWk0KWnHbf2qkxKChblo

Request Chain 170

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFECaatrzO1RDCMC7-Jhl08&google_cver=1&google_push=ASkJ3FZ6tAWzlcxUx2e_2xdd2y44aTFuGbo6cc1tCgl-GCdzoGpMv7q03a3bMgWH_-q5uvdatBVPuMF2LBx9nzvMGhzVaQu2xpy7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZM1BVTDItWS0yWTZZ&google_push=ASkJ3FZ6tAWzlcxUx2e_2xdd2y44aTFuGbo6cc1tCgl-GCdzoGpMv7q03a3bMgWH_-q5uvdatBVPuMF2LBx9nzvMGhzVaQu2xpy7

Request Chain 171

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFt6lljn3sgiSm9cx6Q5mRU&google_cver=1&google_push=ASkJ3FZ1YRPvxxf-G12OVcQSgFKvgEBgm2Ps4xJWOVz3MRCV9DBv4W-o_hEN8zUusPNCSC_AoElGBb0ek4cztdOAtNn4HvTaCMeF HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFt6lljn3sgiSm9cx6Q5mRU&google_hm=Y4Iz8zzBoPatVKJKEKsR4gAABKIAAAAB&google_nid=index&google_push=ASkJ3FZ1YRPvxxf-G12OVcQSgFKvgEBgm2Ps4xJWOVz3MRCV9DBv4W-o_hEN8zUusPNCSC_AoElGBb0ek4cztdOAtNn4HvTaCMeF

191 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 144162-2-1.html Show response
dramasq.su/video/ 125 KB
8 KB 379ms
161ms Document
text/html 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/video/144162-2-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.24
Resource Hash: 875de77554107ae24fa766cb7d5c6b629dc55d28599b51b504df1c9d0360bef5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7703bc3ccfdfbb55-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 26 Nov 2022 15:42:40 GMT
expires: Sat, 26 Nov 2022 16:42:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKl9UhBEzMBL1mwk5wXBqiBcAEeGnp%2Brh3ydu8TbthhSxOY%2BVuT6maHF3ccV%2BP8DwD9rqqbZ3sDbm5AbHEmhSiIxa5S2SBsvxOALAUiDqsYVL%2BbNIQ0YQVZ%2BAwSEzwSsrbic%2FEKUL0ok"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.24

GET
H2 200 base.css
dramasq.su/template/dramasq/css/ 14 KB
4 KB 61ms
60ms Stylesheet
text/css 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/template/dramasq/css/base.css
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73adee2b086f567376f01cacfa67d31f4e31d7fde2b0e9ea4cb764c36b8d0205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4765361
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 16 Jul 2022 21:44:58 GMT
server: cloudflare
etag: W/"3733-5e3f30bcb8a80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TglyEqGCZ2LxOD78T0BoC6bkw9PF6GOEQa4LNPjdB6iHeD2qZJKlm4lxmZh14YH4xVt3k06M00P7Sg1BrCVF3GviO2hXv%2FT9Y%2BniQBJzwfueXNszcwN0vFnLNKXXNNoAN6DkRPpMdd2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7703bc3dca24bb55-FRA
expires: Mon, 02 Oct 2023 11:59:59 GMT

GET
H2 200 jquery.js Show response
dramasq.su/static/js/ 90 KB
33 KB 65ms
64ms Script
application/x-javascript 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/static/js/jquery.js
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883481
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 13:11:32 GMT
server: cloudflare
etag: W/"169d5-5b3ac4d0d0900-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4U87cRL1mRYn8wmFlIDtcEcXK%2B3ek1TWzQ9MieEqLWNsFFPIaiBSvIVW%2BmQ2XUxSq1IVCAVj8SaAnKlDGcjB3nOQQu514tXqv8OmlqVO2KFFfTv62RX3rNyCvYPX4TIbRdMI8pSpVT8"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7703bc3dca27bb55-FRA
expires: Thu, 16 Nov 2023 10:17:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 184ms
86ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9304928359501985

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

856cee649cf11b6482c8099d864742150b5985c63cdd0f1677331c759a21c646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Origin: https://dramasq.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49052
x-xss-protection: 0
server: cafe
etag: 8614473934786563933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 15:42:40 GMT

GET
H2 200 playerconfig.js Show response
dramasq.su/static/js/ 2 KB
1022 B 56ms
55ms Script
application/x-javascript 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/static/js/playerconfig.js?t=20221126
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c2b8f777ca54e9d2547d9a2cef3d08e7dc862089d5206460d37234522e8240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64304
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 11 Aug 2022 12:11:25 GMT
server: cloudflare
etag: W/"73e-5e5f61083b222-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYF8pqnAcyQ9Ufe%2B0o6%2BT4Hb1Os9PENJXhPoIjSr2dy8qeFP0%2F73oYmixukHkk%2FUaFTb%2BxclYo4nZymDHdCpC5PDTPFQL1zT3MaOawXx0TmReXjvG%2B2G1rxhU4I7TXnE3WzKhyFUMLNG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7703bc3dca28bb55-FRA
expires: Sat, 25 Nov 2023 21:50:56 GMT

GET
H2 200 player.js Show response
dramasq.su/static/js/ 10 KB
5 KB 62ms
61ms Script
application/x-javascript 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/static/js/player.js?t=a20221126
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3263e523ecbc44c7ca091551c4860c75cad83307b3afa01a3998251d161835d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64304
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 26 Jun 2021 08:02:10 GMT
server: cloudflare
etag: W/"2847-5c5a6ac544480-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37RRL1%2BQvPhc3f70MyMfZpXyiZpGr6qAiSw1ep0ZzjuNHF34ZJdKWtaqOBccQfBlZhCp4e%2FZvFIEEDDha%2BgrCOfb7XuVgQQwbOLbqPQQrh5YQ%2B56xHtOVNvCj6x7V7Ps%2B07UteynoZZ6"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7703bc3dca2ebb55-FRA
expires: Sat, 25 Nov 2023 21:50:56 GMT

GET
H/1.1 200
OK 46531 Show response
rm.itczenair.com/t6ucrR27XiCdQJeyB/ 0
0 260ms
66ms Script
text/html 172.255.6.145
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rm.itczenair.com/t6ucrR27XiCdQJeyB/46531
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.145 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 133ms
50ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-190312450-2

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae07586aee87f0419c6aaf57400f2472ed10613979c0e0839184c85529751883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43596
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Nov 2022 15:42:40 GMT

GET
H3 200 body_bg.jpg
dramasq.su/template/dramasq/image/ 1 KB
2 KB 51ms
51ms Image
image/jpeg 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramasq.su/template/dramasq/image/body_bg.jpg
Requested by: Host: dramasq.su
URL: https://dramasq.su/template/dramasq/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf3d78756358116e3a86ce829439d517df9da664e92785241faafc0c885a5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/template/dramasq/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22111
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1463
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 07:36:24 GMT
server: cloudflare
etag: "5b7-5ae4fb14fce00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kLv6fP7otpy%2FrHzf0NPV5nTwmF1viQUP67LyxRGS6%2Bvzr7%2BkTpbNBsaDnKgLwvcY1SKFo1fQ0jeZ8IqJsEqv998ttJq9ELUNE%2B2bQS4468QbQFy6FvlvhxxnTjFe%2B%2FoX2vqDK%2FQByfq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7703bc3e6c92215d-DUS
expires: Sun, 26 Nov 2023 09:34:09 GMT

GET
H3 200 main_bg.png
dramasq.su/template/dramasq/image/ 157 B
703 B 51ms
51ms Image
image/png 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dramasq.su/template/dramasq/image/main_bg.png
Requested by: Host: dramasq.su
URL: https://dramasq.su/template/dramasq/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b1b9a413113fe2791c898f99d815951288acdbb06ce30608183098fed5d4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/template/dramasq/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9348659
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 157
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Sep 2020 07:35:52 GMT
server: cloudflare
etag: "9d-5ae4faf678600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAe2J9SvTCc%2Fi%2BE0voIVElRzK0JA%2FCX2aywRM1370qT9DW4QDIpFPDy0x%2FG5J4Jzbwh7sBbdiE%2Fc8TeJ3MWMFvnY4RMV1wyDFKe2tcVD0pcvFYmg0wWgHB%2FuP4xwqgs3Wbij5WnNeRx5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7703bc3e6c95215d-DUS
expires: Thu, 10 Aug 2023 10:51:41 GMT

GET
H3 200 sdm3u8.js Show response
dramasq.su/static/player/ 216 B
688 B 53ms
52ms Script
application/x-javascript 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/static/player/sdm3u8.js
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42780ed534ee72051247e5eaabb413d2bc052377e2a76d1182ceabef27752807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2150824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 17 Oct 2022 19:45:57 GMT
server: cloudflare
etag: W/"d8-5eb40396e7d3a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LF3xNaupA1Z0u2Zah6TJxmAJgRhcx8xvkmEOWPT9A%2BZmMtrv9DEW%2FzZJXXtjUysoOtK7yALhomQO4xRLcjijdCiy7FpsCDQYf69J1OgfBhTJR49ccQh%2B2BDXAXUI8PXjQJ6cDvUpogP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7703bc3ecd42215d-DUS
expires: Wed, 01 Nov 2023 18:15:36 GMT

GET
H3 200 aliplayer.html Show response
dramasq.su/static/player/ Frame 3F46 2 KB
1 KB 65ms
64ms Document
text/html 2606:4700:3031::ac43:a742
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dramasq.su/static/player/aliplayer.html
Requested by: Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:a742 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1e17a8bc272edc357e43e10f8da68bccf99e72a21ba3b70a89586f8e6a956d

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 7703bc3f2e26215d-DUS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 15:42:40 GMT
expires: Sat, 26 Nov 2022 16:42:40 GMT
last-modified: Sat, 23 Jul 2022 15:26:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2zjQgR4gIXCmtHZEBIivjd7%2FkAXUsmLfOSmpEHOTUWVIjiZiQrKX622OJwWpxooCgMTIizuiuXTZdQn67%2BN8tVfL3qaPNkIABzP2sREISwXmNeOKsMnpEI5xybgVLC3NsVtkFHBOpYl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK embed.js Show response
qdramas.disqus.com/ 78 KB
25 KB 130ms
38ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://qdramas.disqus.com/embed.js

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

60d27adc3c39b1855f5653b922104827b1dc584facd1b81db5eda5f3d84b179c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 15:42:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 32
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25620

GET
H2 200 aliplayer-min.css
g.alicdn.com/de/prismplayer/2.9.19/skins/default/ Frame 3F46 26 KB
5 KB 391ms
39ms Stylesheet
text/css 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/de/prismplayer/2.9.19/skins/default/aliplayer-min.css
Requested by: Host: dramasq.su
URL: https://dramasq.su/static/player/aliplayer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ba1b3d88e503c0fd80135acdb1205abc43c3009d41172f565818bf635214f494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/static/player/aliplayer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 06:18:33 GMT
content-encoding: gzip
via: cache8.l2de2[67,67,200-0,M], cache10.l2de2[69,0], cache10.l2de2[69,0], ens-cache6.de4[0,0,200-0,H], ens-cache1.de4[3,0]
x-oss-request-id: 6381AFB9CE97E53533861BDE
content-md5: 7b2QpYxThJRFzYUZ+9K4pA==
age: 33847
x-swift-cachetime: 86400
x-cache: HIT TCP_MEM_HIT dirn:9:300977635
x-swift-savetime: Sat, 26 Nov 2022 06:18:33 GMT
content-length: 4406
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1669443513
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 5694589331632903766
eagleid: 2ff62b1916694773609162938e
x-oss-server-time: 61

GET
H2 200 aliplayer-min.js Show response
g.alicdn.com/de/prismplayer/2.9.19/ Frame 3F46 352 KB
90 KB 427ms
76ms Script
application/javascript 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/de/prismplayer/2.9.19/aliplayer-min.js
Requested by: Host: dramasq.su
URL: https://dramasq.su/static/player/aliplayer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: c850c1e3113de18c72c8b24dd974563ec074d5c37c2309837d33c319f0afcc58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/static/player/aliplayer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:21:49 GMT
content-encoding: gzip
via: cache11.l2de2[0,0,200-0,H], cache5.l2de2[0,0], cache5.l2de2[1,0], ens-cache4.de4[0,0,200-0,H], ens-cache1.de4[3,0]
x-oss-request-id: 6381BE8DF22B2D38341398A0
content-md5: o2imiu5/6Dtu1HJhdmmaAg==
age: 30051
x-swift-cachetime: 86225
x-cache: HIT TCP_MEM_HIT dirn:9:165445341
x-swift-savetime: Sat, 26 Nov 2022 07:24:44 GMT
content-length: 91789
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1669447309
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 8161766237178473225
eagleid: 2ff62b1916694773609162939e
x-oss-server-time: 81

GET
H2 200 aliplayercomponents.min.js Show response
player.alicdn.com/aliplayer/presentation/js/ Frame 3F46 114 KB
35 KB 362ms
38ms Script
text/javascript 163.181.56.192
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.alicdn.com/aliplayer/presentation/js/aliplayercomponents.min.js
Requested by: Host: dramasq.su
URL: https://dramasq.su/static/player/aliplayer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.192 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 43f035597715b360366c70d7ff096c07d206a74101852f0d92ef0fb7a76053ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/static/player/aliplayer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:10:58 GMT
via: cache6.l2de2[0,0,304-0,H], cache15.l2de2[2,0], ens-cache4.de4[0,0,200-0,H], ens-cache8.de4[2,0]
content-encoding: gzip
x-oss-request-id: 63822C825BE45533380BFD83
content-md5: jGrwYUf5R0LaMXmXc0UJSA==
age: 1901
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:9:200429638
x-oss-cdn-auth: success
x-swift-savetime: Sat, 26 Nov 2022 15:11:48 GMT
x-oss-object-type: Normal
last-modified: Wed, 03 Jul 2019 09:14:13 GMT
server: Tengine
etag: W/"8C6AF06147F94742DA31799773450948"
vary: Accept-Encoding
ali-swift-global-savetime: 1669475459
content-type: text/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3779963811180384198
eagleid: 2ff62b2016694773608844955e
x-oss-server-time: 14

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 354 KB
116 KB 172ms
94ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9304928359501985&plah=dramasq.su&bust=31070968

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9304928359501985

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f57c6db9f8bf98a8f3c96b995f9d0219d535afdacb327cfbb41441654bb8dc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119225
x-xss-protection: 0
server: cafe
etag: 15613007201488908737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 15:42:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 604C 10 KB
5 KB 123ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9304928359501985

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:42:07 GMT
etag: 10353107486223812946
expires: Sat, 10 Dec 2022 10:42:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-190312450-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1606
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 26 Nov 2022 17:15:54 GMT

GET
H2 200 lounge.47e4fd006c53c48067dd9a5876181d2d.css
c.disquscdn.com/next/embed/styles/ 0
31 KB 157ms
47ms Other
text/css 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Requested by

Host: qdramas.disqus.com
URL: https://qdramas.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 238963
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 30650
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-77ba"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 01rqX0Q1ZyqWxSTfX2tuYrc0kFrTT0RiGL3Ww13AnX8GHBa5eq0LIg==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H2 200 common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js
c.disquscdn.com/next/embed/ 0
93 KB 188ms
79ms Other
application/javascript 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Requested by

Host: qdramas.disqus.com
URL: https://qdramas.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 14 Nov 2022 23:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1009120
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94854
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 14 Nov 2022 23:10:44 GMT
server: nginx
etag: "6372caf4-17286"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 5X8AjXpwI_gdBr-d7LehKatD-qZ8gP46UokmPRAe3i0GOs93JaFyEw==
expires: Tue, 14 Nov 2023 23:24:00 GMT

GET
H2 200 lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js
c.disquscdn.com/next/embed/ 0
126 KB 233ms
123ms Other
application/javascript 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js

Requested by

Host: qdramas.disqus.com
URL: https://qdramas.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 238963
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 128551
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-1f627"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: HJs40WmEYwEsy3gzhmWfEurhsoD_o4K2Q5V4wXx1XFQ8X6adFyYilQ==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
17 KB 132ms
39ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: qdramas.disqus.com
URL: https://qdramas.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 15:42:40 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 18
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16810
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 1A96 6 KB
4 KB 150ms
124ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default

Requested by

Host: qdramas.disqus.com
URL: https://qdramas.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6bf458bc0f05f226be426a4cf7323d3b18bf15d21f7aabc592548aef91a731fd

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 32
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2788
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 26 Nov 2022 15:42:40 GMT
ETag: W/"lounge:view:9256254012.d8922b908fbb70eff0255ac60f232848.2"
Last-Modified: Mon, 11 Jul 2022 10:05:48 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
45ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=934059743&t=pageview&_s=1&dl=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&ul=en-us&de=UTF-8&dt=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1729254878&gjid=1854029436&cid=1736484645.1669477361&tid=UA-190312450-2&_gid=1070202464.1669477361&_r=1&gtm=2oub90&z=1607778553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dramasq.su
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
695 B 132ms
45ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dramasq.su&callback=_gfp_s_&client=ca-pub-9304928359501985&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9304928359501985&plah=dramasq.su&bust=31070968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302156bf36b0276f15d21e631fe4b41545ea9f28e7b21a86095f5a544e68b040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 159ms
47ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dramasq.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 157ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dramasq.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB2A 39 KB
13 KB 1163ms
1073ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&adk=1812271804&adf=3025194257&lmt=1669477360&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360598&bpp=3&bdt=338&idt=332&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1556363333372&frm=20&pv=2&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6ebaa4d00218294bc60df537edf7b89687b4057da8f673c4fc9671b5dea9f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13719
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:42 GMT
expires: Sat, 26 Nov 2022 15:42:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98EC 98 KB
34 KB 1239ms
1174ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=6494681079&adk=1890418503&adf=2653041513&pi=t.ma~as.6494681079&w=1200&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=1200x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360601&bpp=2&bdt=340&idt=358&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R5eFVaitU6&p=https%3A//dramasq.su&dtd=374

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2314e02722993060d7c6b246aa38d16afd40ac3656c4179c431be398b36299f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34430
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:42 GMT
expires: Sat, 26 Nov 2022 15:42:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lounge.load.58bc6c863668afd714b59e604f38eefb.js Show response
c.disquscdn.com/next/embed/ Frame 1A96 958 B
1 KB 114ms
37ms Script
application/javascript 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.58bc6c863668afd714b59e604f38eefb.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b51a795671380c9b4dc816b657dd48c2653b1d9f99944984cf85306f195dbb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 238963
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 495
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-1ef"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: t18daEgVCep_X_25ohxUJH0wwOXhGZFFki3csHxmxU4V43IUnWQA3g==
expires: Thu, 23 Nov 2023 21:19:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C69C 74 KB
30 KB 680ms
627ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&slotname=4168137656&adk=378053847&adf=3235933448&pi=t.ma~as.4168137656&w=287&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=1&bdt=343&idt=383&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7fPNdEwwTQ&p=https%3A//dramasq.su&dtd=386

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

880c90be448dc22932c0fbd9b6275c611c682130e1e0081debd04ef277e6218b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30329
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:41 GMT
expires: Sat, 26 Nov 2022 15:42:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09BF 70 KB
22 KB 1061ms
1016ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62fff7f49809978b71243e71873d3614afd624b43c743414d29423b360c2cb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:42 GMT
expires: Sat, 26 Nov 2022 15:42:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aliplayer-hls-min.js Show response
g.alicdn.com/de/prismplayer/2.9.19/hls/ Frame 3F46 722 KB
225 KB 46ms
45ms Script
application/javascript 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/de/prismplayer/2.9.19/hls/aliplayer-hls-min.js
Requested by: Host: g.alicdn.com
URL: https://g.alicdn.com/de/prismplayer/2.9.19/aliplayer-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 146b3fe99f274d3ae5c911a6105d8b42fb87bbefe59dabbb336f833a4d7483d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/static/player/aliplayer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:20:25 GMT
content-encoding: gzip
via: cache2.l2de2[0,0,200-0,H], cache12.l2de2[1,0], cache12.l2de2[1,0], ens-cache10.de4[0,0,200-0,H], ens-cache1.de4[3,0]
x-oss-request-id: 63820489D546093031335195
content-md5: 0aYnoK866rBmdvOGdzKXvA==
age: 12136
x-swift-cachetime: 85405
x-cache: HIT TCP_MEM_HIT dirn:8:129191781
x-swift-savetime: Sat, 26 Nov 2022 12:37:00 GMT
content-length: 229877
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1669465225
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 9453918340331494449
eagleid: 2ff62b1916694773611053098e
x-oss-server-time: 63

GET
H2 200 dragcursor.png
g.alicdn.com/de/prismplayer/2.9.19/skins/default/img/ Frame 3F46 3 KB
4 KB 85ms
85ms Image
image/png 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.alicdn.com/de/prismplayer/2.9.19/skins/default/img/dragcursor.png
Requested by: Host: dramasq.su
URL: https://dramasq.su/static/player/aliplayer.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 04297c70dff76164a1309eb414b03a640772c243004944da44d173f9fa321663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/static/player/aliplayer.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 05:49:50 GMT
via: cache11.l2de2[0,0,200-0,H], cache9.l2de2[1,0], cache9.l2de2[1,0], ens-cache3.de4[0,0,200-0,H], ens-cache1.de4[5,0]
x-oss-request-id: 6381A8FE9B865C3932ED0678
content-md5: qV0B/cl6HXBgpeVhr6HSpQ==
age: 35571
x-swift-cachetime: 86345
x-cache: HIT TCP_MEM_HIT dirn:9:418778359
x-swift-savetime: Sat, 26 Nov 2022 05:50:45 GMT
content-length: 3255
x-bucket-code: 3
x-oss-object-type: Normal
server: Tengine
ali-swift-global-savetime: 1669441790
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 12505553276681424223
eagleid: 2ff62b1916694773611053101e
x-oss-server-time: 69

GET
H2 200 common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js Show response
c.disquscdn.com/next/embed/ Frame 1A96 282 KB
93 KB 46ms
46ms Script
application/javascript 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.58bc6c863668afd714b59e604f38eefb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff41638e427ea9c796df6097be56a8d87998e40e755f5f9655232ceae785181a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 14 Nov 2022 23:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 1009121
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94854
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 14 Nov 2022 23:10:44 GMT
server: nginx
etag: "6372caf4-17286"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: UP4P-_TT8lDKiLMi1Ws34ZjiPE1Fm8WkdMTcoRzR5Od8RP1J8zLK-w==
expires: Tue, 14 Nov 2023 23:24:00 GMT

GET
H2 200 lounge.47e4fd006c53c48067dd9a5876181d2d.css
c.disquscdn.com/next/embed/styles/ Frame 1A96 201 KB
31 KB 47ms
46ms Stylesheet
text/css 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da8e1a89b08797ffa3c4df6796414e871f84cbe8191fb6d5f2374e88b116f0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 238964
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 30650
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-77ba"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 2CKNc423YqyZw-ClB-R2U4hjdEMhjmoC2bc2A9kDWQKVw9OBkjZIag==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H2 200 lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js Show response
c.disquscdn.com/next/embed/ Frame 1A96 502 KB
126 KB 40ms
37ms Script
application/javascript 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.0134c2cc2b1c0a38a997a53bcb09f779.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bdfa3d92287fdb3bb869f96fe21b3866f5fb913f66e0daf3149e0765496c74d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 23 Nov 2022 21:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 238964
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 128551
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-1f627"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: IFZgLr-OoYqjEO55qLsYc9lWPi3aHpNdmNsx6_sC3zftgqFUeqcxmw==
expires: Thu, 23 Nov 2023 21:19:57 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 1A96 16 KB
17 KB 38ms
37ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

30403bfa0ebd552a8a5bfa6edcba8504fba7aeed2825a4e1ee927e94b605e221

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 15:42:41 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 19
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 16810
X-XSS-Protection: 1; mode=block

GET index.m3u8
iqiyi.sd-play.com/20220408/i31eJbcN/ Frame 3F46 0
0

GET
H2 200 zh.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame 1A96 22 KB
10 KB 40ms
39ms Script
application/javascript 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/zh.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

02a4b3bdc270ae97ee026e7f601e2edb89acc0caca1424a53fa3878ae01e5082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 26 Nov 2022 15:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 254
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 9181
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Wed, 23 Nov 2022 20:32:34 GMT
server: nginx
etag: "637e8362-23dd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
timing-allow-origin: *
x-amz-cf-id: yKBevjUbcyhDRj6vDwLcegqupT279-OjT93WY6hBa1ilbX1g7Jgojg==
expires: Sat, 26 Nov 2022 15:43:27 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 1A96 3 KB
3 KB 139ms
138ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=qdramas&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.a0092a9b6d9c06bf965e6c41a81f2c09.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d2d5a918bc51477cf57a07e8753a118ff27f60a951c359533816704f08ae86d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 15:42:41 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2990
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1668443441/images/ Frame 1A96 2 KB
2 KB 132ms
37ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1668443441/images/noavatar92.png

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:41 GMT
strict-transport-security: max-age=300; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 779120
etag: "60395f01-66c"
content-type: image/png
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
content-length: 1644
x-amz-cf-id: 11E5_D_mJePHRr7MQOsm9uPu_rU1QKnvYyq7NMfbPQvztl1ROUXARg==
x-xss-protection: 1; mode=block
expires: Sat, 17 Dec 2022 15:17:21 GMT

GET
DATA 200
OK truncated
/ Frame 1A96 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 1A96 13 KB
13 KB 40ms
39ms Image
image/svg+xml 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 19 Sep 2022 03:05:23 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 5920638
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
server: nginx
etag: "63243521-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AzcamTTQTIl4KP17iBBgAjf6pHDn_cRjghYOMZ5tWIZnxqAY30SI7Q==
expires: Tue, 19 Sep 2023 03:05:23 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 1A96 3 KB
3 KB 39ms
39ms Image
image/gif 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 28 Oct 2022 01:26:11 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 2556990
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 27 Oct 2022 21:17:31 GMT
server: nginx
etag: "635af56b-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: N0SNUbPB6WR8ox2qGPqPeT5bFhvY13dsDYM-ZUn-w6CQFwJpQvm9Pg==
expires: Sat, 28 Oct 2023 01:26:11 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 1A96 2 KB
2 KB 40ms
39ms Image
image/png 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 20 Sep 2022 11:48:31 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 5802850
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 16 Sep 2022 08:34:41 GMT
server: nginx
etag: "63243521-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: m9bVQaBhmPFZImrhFug9bCNgvkF6lTB27QDCVk5af0ZhPk64u29GgA==
expires: Wed, 20 Sep 2023 11:48:31 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 1A96 8 KB
8 KB 42ms
42ms Font
application/octet-stream 2600:9000:21f3:dc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:dc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.47e4fd006c53c48067dd9a5876181d2d.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 28 Aug 2022 00:45:29 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
age: 7829831
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 26 Aug 2022 22:07:42 GMT
server: nginx
etag: "6309442e-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BX3M2s2kCwHNMHAr5YmKLHk0xCKfH3ZZASqfvuACcVKPaYlmE564sA==
expires: Mon, 28 Aug 2023 00:45:29 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 1A96 43 B
339 B 210ms
127ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=236&event=init_embed&thread=9256254012&forum=qdramas&forum_id=6635050&imp=8p0haisu7lfvd&thread_slug=901_dramasq_03&user_type=anon&referrer=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=qdramas&t_u=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&t_d=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&t_t=%E6%B5%B7%E8%B3%8A%E7%8E%8B%E7%AC%AC901%E9%9B%86%E7%B7%9A%E4%B8%8A%E7%9C%8B%20-%20DramasQ&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 15:42:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 10748221438626505548
tpc.googlesyndication.com/simgad/ Frame C69C 95 KB
95 KB 246ms
162ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10748221438626505548?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkRjrThFEEP8k7bafafr7AcrTj24A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&slotname=4168137656&adk=378053847&adf=3235933448&pi=t.ma~as.4168137656&w=287&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=1&bdt=343&idt=383&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7fPNdEwwTQ&p=https%3A//dramasq.su&dtd=386

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61822ff1ee4c1c154e32bf4649434ad1556250bb36d3af57dfbb00bc9b9388c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:16:23 GMT
x-content-type-options: nosniff
age: 69978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97236
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 03:21:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 20:16:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C69C 23 KB
10 KB 128ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C69C 3 KB
1 KB 240ms
159ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 14:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 14:18:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C69C 18 KB
7 KB 170ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C69C 154 KB
48 KB 161ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 15:42:41 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C69C 34 KB
13 KB 208ms
128ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 17:43:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C69C 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClTkb8TOCY7LOBICNmLAPrdOs2Am-nurvbKWN1fiXENrZHhABIMqdrX1gldqIgpgHoAHNhZPzAsgBAqgDAcgDyQSqBNEBT9D5KNtWuSeALsHFm8TfjWETgwHNSEao3Cvl_R9Uk6q4F1X7c1BTv8gnVe1hPaAUJnjkOC9KZ0_7pV9mJajKyMDijUon2YcCooyfK2Cx6731NvByoWwfbR8yMlKVpPMecq_izHdHU2pA47zmQ_4ScqOGBjfiymWAWXtKno_A_6slm1yKcEVmkjhWsYfG4FJE21FQyhoxED8u9iSGITTDgjyyKSZVWLP9fTJLkivfainSBz36Yf1wCoVSG8MRr-J1QxXX3406WMvGrRP5pEebVubABM-88uaVBJIFBAgEGAGSBQQIBRgEoAYCgAfFoqyZA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOe9C9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTkzMDQ5MjgzNTk1MDE5ODUYAA&sigh=dLzvJ_IoYfo&uach_m=[UACH]&cid=CAQSGwDq26N93M9rrzRDbbKC9WBKXa2EVHGAJYx_UhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&slotname=4168137656&adk=378053847&adf=3235933448&pi=t.ma~as.4168137656&w=287&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=1&bdt=343&idt=383&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7fPNdEwwTQ&p=https%3A//dramasq.su&dtd=386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 15:42:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 15:42:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B00B 143 B
166 B 38ms
37ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&slotname=4168137656&adk=378053847&adf=3235933448&pi=t.ma~as.4168137656&w=287&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=1&bdt=343&idt=383&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7fPNdEwwTQ&p=https%3A//dramasq.su&dtd=386
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C69C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76f3abfb7c15e9cab67e0813cd895b70038782d13c25053db1c5cc354f476cfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B00B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:42 GMT
expires: Sat, 26 Nov 2022 15:42:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 09BF 23 KB
9 KB 115ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 09BF 8 KB
1 KB 258ms
47ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 15:27:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 15:42:42 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 09BF 14 KB
3 KB 249ms
37ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:08:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 09BF 388 KB
131 KB 250ms
38ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:08:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 09BF 18 KB
7 KB 119ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 150 KB
51 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/reactive_library_fy2021.js?bust=31070968

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e99cf86dfbb1778c8b2816fe47e39b76a93241db0d25700bc2df707b8ccef6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52281
x-xss-protection: 0
server: cafe
etag: 7043894988149369247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 15:42:42 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 123ms
47ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dramasq.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
49ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dramasq.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E13C 18 KB
10 KB 1342ms
1219ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffbec80d79ce99290da86b6499973b189b5594920c9e8894e53c41edb9f1a11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9859
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 598F 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 11:59:07 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame 98EC 9 KB
5 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=6494681079&adk=1890418503&adf=2653041513&pi=t.ma~as.6494681079&w=1200&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=1200x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360601&bpp=2&bdt=340&idt=358&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R5eFVaitU6&p=https%3A//dramasq.su&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:47 GMT

GET
H2 200 cc1b8d1e1903d75e43ed2b2152915588.js Show response
www.gstatic.com/mysidia/ Frame 98EC 18 KB
8 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 08:18:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 98EC 8 KB
968 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 15:20:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 15:42:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 98EC 2 KB
765 B 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:15 GMT

GET
H2 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame 98EC 5 KB
2 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 03:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 03:02:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 98EC 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 98EC 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 14:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 14:18:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 98EC 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98EC 154 KB
47 KB 127ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 15:42:42 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 98EC 34 KB
14 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 3868 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Sat, 10 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3868 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cnurh8TOCY_ztBMTKmLAP19-QkArJntKxXLWY49aTAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05MzA0OTI4MzU5NTAxOTg1yAEJqQL9XeJ6n3CxPqgDAaoEyQFP0Fvh59H3qqofS8kt90L6pgw4RkMgn2OxeUcp29MlsGdLuigjBKaQchGS_UtquaUynuzDRzO33626hqV7ArWn-ukLdhygB298jERcijMndgZlD9_KZWgFe3XjFdwf0sK81DAqfwpzjJeKs0HhUncHmO5sdHlbbdpa_qzgP5i16sr1njWXlBawJIuzRFAuk64Wifp_l6tZWhew_uQoTrMtktU8scbAJr2AHC2FdM_D3fHdw6toar4PSomIxTDauV-ZyiPmp5GQS86ABqufqc3aouL1J6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTMwNDkyODM1OTUwMTk4NRgA&sigh=oya8puHygIE&uach_m=[UACH]&cid=CAQSGwDq26N9Lt_1TByw5okwZ_DOfzAkWM2-n8idkBgBIBM

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3868 0
0 180ms
63ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMz6RO0HfJ2DYgICAAAAGJkjttV28_8Q8DOCY9C8iMBZ8UKsPYmXABIAAA&wp=Y4Iz8QABNvwABiVEAAQv1wMg3EXoYQq_Dlfesw

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 160402
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AED5 129 KB
45 KB 315ms
110ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4Iz8QABNvwABiVEAAQv1wMg3EXoYQq_Dlfesw&u=%7CnZNdCgpOwOd95sqK3UNYFfWGUv0pgKkMhPJ0%2FeXcNkY%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9TOLHD9Ds7_1I9hDgzfPTGA0p6uh-UJpveCdSdsbo9WT9Cnxh6joohzOr4FQh0_tSyoGp7n8agFqL0a1S65lqW5HgN-2mn2BW0EU-J2e2wZHiZZyaGbZ0bJZdFRJclYfsyg7nphNEeZohKcU5hY7FN5btqNJcQ1ArZIIZN9-ZJci-QnQgDof49eTiQHlm20PXhUEXVAzNLIw166qWwjD5AD_m8JPu5vMenfWHjuHXM_qU7TGGDGrbT18t_UxQR29cPWzI1wdQOalkdJ751-GfdQdQAnGGPM6KvUiZ98gFwXMFLqX_jwDjwvwySZtek6JLZxLHZpHouql6w5fngKr24ozalMeVTl1_i_lHNAI8Pp2JpCUvogBLcZ_6rxN_tfTYKc80fczrzkWAMGVhdTOVKYp04NqVvC2PxDu2P8OyszENs7rdpynh7o6INDNwEl3V0-9IaxspQOr3Riz7gq9bNXA6Z57krqtckIc7alutVGbAEQ4HhfAb7fwPX3xwdf-OW63QiuyMHhCEhLPqKldWxNugf5NOySm-l3wiTIZp1t_I_r8xSY4y-T5KQCL6ZIs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBS-z8TOCY_ztBMTKmLAP19-QkArJntKxXLWY49aTAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05MzA0OTI4MzU5NTAxOTg1yAEJqQL9XeJ6n3CxPqgDAaoEzAFP0Fvh59H3qqofS8kt90L6pgw4RkMgn2OxeUcp29MlsGdLuigjBKaQchGS_UtquaUynuzDRzO33626hqV7ArWn-ukLdhygB298jERcijMndgZlD9_KZWgFe3XjFdwf0sK81DAqfwpzjJeKs0HhUncHmO5sdHlbbdpa_qzgP5i16sr1njWXlBawJIuzRFAuk64Wifp_l6tZWhew_uQoTrMtktU888ThtDoPgD466NtgDcx7O6J8YAgFZJEKcfjnH60m1A_-IjsUWHF3GJuABqufqc3aouL1J6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02m0lulByH9hJmMoYsSYGZQtP8_Q%26client%3Dca-pub-9304928359501985%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9adeb22e1d04ce2fed9529878dc6bac53f953c1c5f3273c5f8f2df71007b3821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BkP4i-DZhv7b38ROpKmuUUMu69uuvyydQDUtRDNaeh2IW9RwPQTifVAKyFxgkBZwg7x9v_8yl0TWOiN8mkyxfBOeCBKe98OHx_nu4enNq3w3RPpDcvafLMrp_BCmA0lMRgBLOUpUoxqxB9ysxngKAnxUxN7l94Ctdvg25FEG2NMPd7Ez7QJc54tox6vIRm5mEzO8Gect5b_Ph8cN2ubyEY86cI_EHPqnl-15W4YBsIBfrJHiQedxLeS60lmk7Xtw8B_8rw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65825108
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3868 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 14:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 14:18:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3868 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3868 154 KB
47 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 15:42:42 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11305353545949322701/ Frame 98EC 22 KB
23 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11305353545949322701/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2488ab90f68bf879e8fc6e9ca9c21e7d8a04c4fe3deb0cab30d36b1679c6f1e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 06:44:29 GMT
x-content-type-options: nosniff
age: 118693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23015
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 08:42:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 06:44:29 GMT

GET
DATA 200
OK truncated
/ Frame 98EC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 98EC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRANIQAAAAAAAAAAMAQKDhAeKggxMjAweDI4MDAECg4QGSoIMTIwMHgyODAwBBIaQ0x5Y3plaVh6UHNDRlp4WER3SWR1TzBBUFEiCXRleHQvcnl1aygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98EC 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMiRc8TOCY_zfDJyvvcAPuNuD6AP764zSbdSFu67fEISFmbL3DxABIMqdrX1gldqIgpgHoAHJvqPlAsgBCakCRZMqxdq8sT6oAwHIA8sEqgTeAU_QopQ5Lf3ablKh9L9lKLM4Pdh8tBtOrx1b8PxsJm7ReMiJwko54_Chc7bx2doen4EvzqAZFbDsKrFrsKIh5fY5AXAJs-NLvFm1ooB-EBSzE5P0rEIoWYbR-enLxE3xWumVQ3jzfiSgW13FtQbaExsGGCdFzu9I7cdqm0BsPZ_CERnYt4xcwHgR8eHsisuRn9067qN_aYMHnekoEKMlJP7o_TB7EHVJGzKAH2CN5qgdn2TsBzO8GeVeL0W3mx-3c61K2GXf9ovIZaTuxfe6id3mqrZDKYf539yxUMHMbsAEyeKShI0EkgUECAQYAZIFBAgFGASgBi6AB5_B3JoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2NsK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTMwNDkyODM1OTUwMTk4NRgA&sigh=f4xuUaMbxb4&uach_m=[UACH]&cid=CAQSGwDq26N9_cl8NFijaGp0JoMSf6m9zkStriU3nxgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=6494681079&adk=1890418503&adf=2653041513&pi=t.ma~as.6494681079&w=1200&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=1200x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360601&bpp=2&bdt=340&idt=358&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=R5eFVaitU6&p=https%3A//dramasq.su&dtd=374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 98EC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a89a9bd1aa20312a54e62ed40ebba5eba9c0d445e81c478e2ea934995b6af843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 09BF 0
327 B 155ms
57ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lay3pt76&c=7903553843854&slotId=3951776921927&qqid=CLamzeiXzPsCFeBNDwIdbNsHNA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09BF 15 KB
16 KB 119ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 124393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 09BF 15 KB
15 KB 127ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 95269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09BF 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CDlo78TOCY_bpDOCbvcAP7LafoAP2jubFbavStY_gEPAuEAEgyp2tfWCV2oiCmAegAeqRyqcByAEFqQL9XeJ6n3CxPqgDAcgDmwSqBOUBT9CYUIa4zpgoHlr_-u5vI1to2jsia5noCjuBjXHZsDpqVmTybpinOe7_GwhjrgyQRa4EhGpcfmg_DUFlk782-pO-hKFo7bqjzStvcZu0nsCDoTr8lNeU-93dZmrGC9keouzMXFpxF_Yv5TNP5rbuDF9hZpkaY1JaLmTt0PJ5J80IwDpW4_foThVkVZq82hxcE1YaVxoTkoWCd4qTiUUcDQqPjpKexsEVYLonvi6bRp4MmdsnGtx0lIfnbJ1XMJhPWFP-3jqtnUO2cbWjbWhbRjCZuoIEvbzjJiamfACETS3NhbTAScAEg7qC2qwE4AQDkAYBoAZOgAf-7bXYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT3camEcgTk8rI4QPYEwqIFA3YFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1669477362463&ai=CDlo78TOCY_bpDOCbvcAP7LafoAP2jubFbavStY_gEPAuEAEgyp2tfWCV2oiCmAegAeqRyqcByAEFqQL9XeJ6n3CxPqgDAcgDmwSqBOUBT9CYUIa4zpgoHlr_-u5vI1to2jsia5noCjuBjXHZsDpqVmTybpinOe7_GwhjrgyQRa4EhGpcfmg_DUFlk782-pO-hKFo7bqjzStvcZu0nsCDoTr8lNeU-93dZmrGC9keouzMXFpxF_Yv5TNP5rbuDF9hZpkaY1JaLmTt0PJ5J80IwDpW4_foThVkVZq82hxcE1YaVxoTkoWCd4qTiUUcDQqPjpKexsEVYLonvi6bRp4MmdsnGtx0lIfnbJ1XMJhPWFP-3jqtnUO2cbWjbWhbRjCZuoIEvbzjJiamfACETS3NhbTAScAEg7qC2qwE4AQDkAYBoAZOgAf-7bXYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT3camEcgTk8rI4QPYEwqIFA3YFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 09BF 29 KB
16 KB 186ms
75ms XHR
text/xml 142.250.110.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CdYdbJgsT7s4nsn8hPYC36JIYKCLiZ9je45rjtvtqrbPpHjEVV4qSJVZtIzerDYDKqiVZvyIWZEMCJq9WgNRgR6su2yw&cry=1&dbm_d=AKAmf-AHUP9jVRk4mDtyTN5VFQoeSKwa4UnvKnIZ6jj_WlPIbT5QSLGFxjqBE_zBwetZ0GOH6y2DgqwxJ6BMbOz3Mut9D-wLrqlpkZDyC6Agb7pxALGQtBEcQk0_AoOCe90LCeQxaAf6_xhAGX4EBnCNO2WeZuNP2b9InuZoiWf6GYMr9QMmP_w07TOyjMOHryQQMfUK0Ug1qTjO6Kdqog5_pPvcE81txselU6hzpXevYgqCGOibvVL6owKqlEgIQ8KuVC5Sm7l68QxgMyf0vi_3keXGrlUoUrtiqw0Ex_Ad50beMzmj_KqV3MnFCxX1cB-h1hbSkWF0bvsSzY1y5yZEXqRJe8ekk97WEWAePwGAgbbZla-n3rN44OkL_jUihwYg5RvZ0ufRAahwGtd4W_RskQhkdXiIemrka84_Ra5ZiNM57X_QULOM1jWj99agBL4rWSwpIqQ_qfUJbrr_6yFQyQ3-ZvU8fVAGNp4-cAebT9K9QobbvQOrc-6JmW-UpIAOCQe5CdPS_U_B78rBcXqnz7t_zH1zGO8CH5OxtSOvGLRCrpImT2vW9Ah2XjFVNfm-amAGRwysAtnVz97bF7tsAhVfRiN-sejd3srJAWNobLfTxfg25oTBFmF6-2QXOXuUdkskIh07tLpY8pZ9Mfkruk7DanMjy98GmXBUAAUJYmvE4BZeBBVPT3HGGDlV_lUdh4Ssq6O5OvrNBqtrusQEqrw5V2tOPTbYmrbrz8FhW0Ml8xXyjNZBVdNm0K3qeyD9guekghnJ3jGZMX1bfoLzig9dtbr_MOSUQb-lQStFJYBAkysfhDEJdmCOS1NXPALZRaw9auHfsToV8rSer03fZEcS1W7B4Xvc8JIrxAUAR_c1HV2FHugsu3TTXHYRxfK1bgTl5qy7GBMEiVnqpZzpei2ns77_Vc2rvkFFKasjMUoNGA5RhG4mfjB6a3uUCJ9xH_3Tnzqw8VJvrpiYka09HnTxTI10jaPI2zBmZxlFQzMDS2Vf50VqunxpP80mt-Y6LU9f6n2FxoHE9pLImDZq_AD-ZpLiriJKZYrd6ieak-kQVV1C4kAJkP3zjYufwTl_nMSUgD6HOfNz9Rj98s9Tf1o5t4F-NVBgniVUef70ZUfojDN79CqPc4swEc6-fcaQgFkIejMH3pIwXC0g4S7jOrSGvo8r0rmG9vLW9tmISKT4M1BpO_t_irLcV7-ATivfNpRsPdi-4txbQJp06qBuuZG07zNvRWJmvR1gSBRRHU9YSv5V2eoOeHVpPl5gvlyuBleo7O5mcfsIHnXTlxY4TiFyy_eNIhRpuQ0mmb2vVO8J3t8Y2ITOSo3jJBc91FgSFPPVmYm7ibPz31trcm2FTDcEGyJscIi-Q-GUqf9NVYs3a2rovWs307E0LTibTIdukqg3krQx3m3KGr6z8n0FQImE6CLw5aoXUiO_425aw1KRUjLu7qt3X3yHEFYcR9LHx27sb-g3xhZG_8wr6i0Aqw2e25kMYox_nNemBRvHiJNyGG0VMj0tgugwMdGCsOiSbcxZmVLb__JVeXLaYTyXDDch-RNVkqeUGWTXcHJ8z2MlzRec-Mky-6RKnY6rISHOX6emklFQtI1kwtp-JPr9uy58BdoNXD3tHrxlZ00xM0twejLwdWUx9gIhOYquFUcltfBeMML4wJpPZlSQ9hXBUAZwdO1Vd0AIZwYbnWPruP5KRioTYgm1adTQDzrGMsoNT2HdKhp_x0IgkoI29wSh1cP7nBai0sL1ESUBw5w_Ry1dCp_bY3i8bg_0sIn7IYgrVMqt155SKcvWeayki1smqramyJjqNHdaLlBO7cltqujpPxiDKGRVS7qesgydBFiGY1GAEPZTPlT9Tu_dIa3e6O8I2kN_iUL6GsQtNO4EXqhIEm6R420h_KJ5MwNfTIrPuF-U6fh4E9090cmwDurTq1QOlw9lr4WcyVEQn54ddn_fKwIiQy-2L3QVscT-9I-thwxOqIr4xKYSeT18hgx3F2RV1P1vCPAvTJalZKiMrly-d3cSjCesJK0En7Rqt69dQ7UueROU5hynw1wBXIT0Uqhv-0508zkGqxy05bu1DiYCslGhPASYdR1abClaZzqjgMt8ELclrIc5XJJDZijjEUokzK1WxAVGsFOcORB1CTuI8ZZTYUkIEVDMegYWLeHy9dN_KJZLBjVgRgrQb-f5WkiLMvG1nHpTty7CUliWGlzYLDB1N4AdhUUvCN9t5AmmR917llxCykgqqmQXDzRvj4caWMrVQxe1gF0oslfkQ-VMi0qTklJhipfkz87E5C6El0JEEfGv58EWDAwvH2x_kOgUI_xdjkuhV-XMWO516Qy0QTy2IzJY67fNpA3hk4Huw9DIgrqu3nQFM7U9Pb5IvCTUogo3GUvesrUq7-sKAEa2QogYDn29zq9eMAE2nld0irAnup7Az-g_NXIJ_5BBPHEabFdHfUFWFHRK13k6jiYjiRkv2Y0Y5vv0Bcefcg6RHrSPZmeVVsmpn5S29XVKJTFKAOZ3QMq3ghHh8xGhLg7cYvL9NgMppH0cIFFTXzOE1NATLxD-cDRlqF5O3bbkjpFgRS-63z2YPQ9cXvYg7s2Il7NyFJQwMctNY5SOzQS7uJt2hNIlOgWMktlP75cn9dXXGTwOrcsU1FKPA5n60bEsHDC8eI1V-7zOMHlSg6KPZ6mqNCs92AaYCZqn6k_JPvRB3Q2p_EemiyZblsqlQWORuyeZkN9v7cI0UpwHo7jm0m8k4VSOBJV0rjxG8JuSVHZAzVIg_zWgwixzkRok1NiWWrd7JWhvun6T0_SNhQHYShn1KnrfIuubQLbIRyCDwdCe5u8A13ryI0ITacYCQAZ3D9MBXx5YwOwR-qR-1uAnDb3seedmXpvT2li2q4y7_xG4D4y8DGzWUghHQSYBicL891YE5N87-cXMwtK0paapLK62TjdS30mqX_afhwYQC9XBVF2U5wHgg_azS-pCY7_VxrzMYMvDnhHP6K0R7BhaI1P2lbnuTkEsLJBn1kfSof5qgY7UFAISzrpthEJ1zsrsk_D5an8It5Yh11VEZsxtfmMkkytZyI2utR_ntHI6xfo-wKoFaMiT9y8AaKRYEYiWK_-W_tTctJF4XSfPfINmwoaHgKkx4HEh_3PZqcOlfkeQleN7aAM48Lpl-X7MZ_4KfF19yiyfSolzSLTVqKSas3_RNs_xMsIpKGSwLgA9gVrjRqlt3FzaHjcnYlMVfDZl62Dbmro&cid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f157.1e100.net

Software

cafe /

Resource Hash

ea0129ee358ec0abfa049ad0292695a36dfeb2f8aa79cdafd8453f12b63f5ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16090
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 09BF 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9ATf8TOCY_bpDOCbvcAP7LafoAP2jubFbavStY_gEPAuEAEgyp2tfWCV2oiCmAegAeqRyqcByAEFqQL9XeJ6n3CxPqgDAaoE4gFP0JhQhrjOmCgeWv_67m8jW2jaOyJrmegKO4GNcdmwOmpWZPJumKc57v8bCGOuDJBFrgSEalx-aD8NQWWTvzb6k76EoWjtuqPNK29xm7SewIOhOvyU15T73d1masYL2R6i7MxcWnEX9i_lM0_mtu4MX2FmmRpjUlouZO3Q8nknzQjAOlbj9-hOFWRVmrzaHFwTVhpXGhOShYJ3ipOJRRwNCo-Okp7GwU1hWH22VEt0DMN6AjHQBSl7d_G4bQu6aRPSis39MA6Xaq73Q0t7vInWGbeiTqtU4Gn1to9QGEmb7NtPwASDuoLarATgBAOIBeDYsOFGkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAf-7bXYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELrSFBjQ9q_aAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPdxqYRyBOTysjhA9gTCogUDdgUAdAVAYAXAbIXHAoaCAASFHB1Yi05MzA0OTI4MzU5NTAxOTg1GAA&sigh=XSxs5FTeOjU&uach_m=[UACH]&cid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 09BF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f418cb371f0e466298dc743bc5931b772fa90df20234bf447f43c8f2812976f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3868 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a69f44f56fc864222c446a7d36175adde422fc766944cdc91b81d1cbc5d3f864

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 98EC 28 KB
28 KB 99ms
78ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 283131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 09:03:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 81ms
81ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAUIQAAAABA5eVAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAwMzMUJpAMAQSGkNMeWN6ZWlYelBzQ0ZaeFhEd0lkdU8wQVBRIgl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD1F 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 11:59:07 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EC 0
20 B 80ms
80ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAyIQAAAACYmdk_MAQKDRAzIQAAAACYmdk_MAQKDRA0IQAAAACYmdk_MAQKDRA1IQAAAACYmdk_MAQKDRA2IQAAAACYmdk_MAQKDRA3IQAAAACYmdk_MAQKDRA4IQAAAMzM7FBAMAQKDRA5IQAAQDMzZZNAMAQKDRA6IQAAwMzMnJNAMAQKDRA7IQAAwMzMOphAMAQKDRA8IQAAwMzMOphAMAQKDRA9IQAAQDMzPZhAMAQKDRA-IQAAAAAANppAMAQKDRA_IQAAAAAANppAMAQKDRBAIQAAwMzMWppAMAQSGkNMeWN6ZWlYelBzQ0ZaeFhEd0lkdU8wQVBRIgl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 09BF 41 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 20:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 20:14:16 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edndy.c.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 09BF
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5edndy.c.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

154ms
41ms

Fetch
video/mp4

2a00:1450:4001:25::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndy.c.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/26711CBDBA2BA615B5066E9445BE43066372011B.13281E7EBB3B5C871BAE43BFE69819D063BFD667/key/cms1/cms_redirect/yes/mh/v7/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5edndy/ms/onc/mt/1669476930/mv/u/mvi/4/pl/36/file/file.mp4

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:25::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 15:42:43 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3927631
Last-Modified: Mon, 21 Nov 2022 07:26:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 26 Nov 2022 15:42:43 GMT

Redirect headers

date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5edndy.c.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/26711CBDBA2BA615B5066E9445BE43066372011B.13281E7EBB3B5C871BAE43BFE69819D063BFD667/key/cms1/cms_redirect/yes/mh/v7/mip/2a01:4a0:1338:92::3/mm/42/mn/sn-4g5edndy/ms/onc/mt/1669476930/mv/u/mvi/4/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 09BF 0
17 B 180ms
58ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lay3pt7k&c=7903553843854&slotId=3951776921927&qqid=CLamzeiXzPsCFeBNDwIdbNsHNA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=922&mt=video%2Fmp4&vs=360x640&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.1b1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AED5 2 KB
1 KB 130ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4Iz8QABNvwABiVEAAQv1wMg3EXoYQq_Dlfesw&u=%7CnZNdCgpOwOd95sqK3UNYFfWGUv0pgKkMhPJ0%2FeXcNkY%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9TOLHD9Ds7_1I9hDgzfPTGA0p6uh-UJpveCdSdsbo9WT9Cnxh6joohzOr4FQh0_tSyoGp7n8agFqL0a1S65lqW5HgN-2mn2BW0EU-J2e2wZHiZZyaGbZ0bJZdFRJclYfsyg7nphNEeZohKcU5hY7FN5btqNJcQ1ArZIIZN9-ZJci-QnQgDof49eTiQHlm20PXhUEXVAzNLIw166qWwjD5AD_m8JPu5vMenfWHjuHXM_qU7TGGDGrbT18t_UxQR29cPWzI1wdQOalkdJ751-GfdQdQAnGGPM6KvUiZ98gFwXMFLqX_jwDjwvwySZtek6JLZxLHZpHouql6w5fngKr24ozalMeVTl1_i_lHNAI8Pp2JpCUvogBLcZ_6rxN_tfTYKc80fczrzkWAMGVhdTOVKYp04NqVvC2PxDu2P8OyszENs7rdpynh7o6INDNwEl3V0-9IaxspQOr3Riz7gq9bNXA6Z57krqtckIc7alutVGbAEQ4HhfAb7fwPX3xwdf-OW63QiuyMHhCEhLPqKldWxNugf5NOySm-l3wiTIZp1t_I_r8xSY4y-T5KQCL6ZIs4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBS-z8TOCY_ztBMTKmLAP19-QkArJntKxXLWY49aTAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05MzA0OTI4MzU5NTAxOTg1yAEJqQL9XeJ6n3CxPqgDAaoEzAFP0Fvh59H3qqofS8kt90L6pgw4RkMgn2OxeUcp29MlsGdLuigjBKaQchGS_UtquaUynuzDRzO33626hqV7ArWn-ukLdhygB298jERcijMndgZlD9_KZWgFe3XjFdwf0sK81DAqfwpzjJeKs0HhUncHmO5sdHlbbdpa_qzgP5i16sr1njWXlBawJIuzRFAuk64Wifp_l6tZWhew_uQoTrMtktU888ThtDoPgD466NtgDcx7O6J8YAgFZJEKcfjnH60m1A_-IjsUWHF3GJuABqufqc3aouL1J6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_02m0lulByH9hJmMoYsSYGZQtP8_Q%26client%3Dca-pub-9304928359501985%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame AED5 2 KB
1 KB 169ms
79ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AED5 308 B
636 B 127ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame AED5 293 B
621 B 126ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame AED5 43 B
348 B 148ms
42ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ED4rzj3wNTBkwzG0viObvgbPIFyqL1Jc0Q1fJ4kAk54Oxk3CKk4JG9fi-xKFuWDj99hvRPLqGWr6gwcySFP5XndTp6P-CmW64cZlZ99yn0UBf81ycRguFo0Zr0_K2klwxqFjhIWds7K6fRmjEkdecebYqDisaMemVHWZ_eiVZZlIhjTU1ReUHSpzFvc4-uQlroxNaxCnPUhFCgoVqp6pxVeSe1GoCAs1nlJB8hPfuA3GBpdRZ7CyhIkhGTiFO1p54Pi2D5tb5ikRDOgW8W1yAw0W3RIqqmum5xoSn5nS_A-xpYcamBowHymFB2Gz9ZmuA_wWPX7gBJc__eQLwOq4If672wF6FfoqPhEzcIp8tIiVdQs2D_ZQaNPAWfSboLHjRhLnNWmvV0JYOsZyFPG5YuzvBK3zqLoI4G6YeZ9gQQZ6Jg5i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1829629
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AED5 12 KB
5 KB 127ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 857330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lqs4CTYlhue2g1YF8pWM3OHit%2FAwG1CoQMNHft7Paxuvg%2FQ6S%2FVohnucc0ck%2BlZvI58aRS1IBWlQlTVbSN5eycfkrEdUnULZg0orvIFIWkuLJFu%2FOz7c4NHLfHo%2FIGCpNw%2FSxpUfeSTJcm6Zvt46tunD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7703bc4de9bd8fd4-FRA
expires: Thu, 16 Nov 2023 15:42:42 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B104 23 KB
9 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 14:06:18 GMT
expires: Sun, 26 Nov 2023 14:06:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AED5 12 KB
6 KB 109ms
42ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AED5 11 KB
11 KB 160ms
46ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=196&s=vvQ1zHDNFzggYkdepbYqlgIV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28652442
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11279
expires: Tue, 24 Oct 2023 06:43:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AED5 6 KB
6 KB 202ms
89ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F17%2F17357245DX_14_F.JPG&v=3&w=800&s=tHSpwrCiLYNfsxQ_eEwLR8Iv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f4ff3ae8af4440e473b75c163d810bc39097f20292283862153cc34684ff31d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5814
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AED5 5 KB
6 KB 204ms
91ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F16%2F16102511KJ_14_F.JPG&v=3&w=800&s=upjRcCMOf5t4YYxTNeZoz2Dv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c243f25a0ea0566f778f18ae5aa0b88999ca805bb6d378454c6bc62264dd6595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5438
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AED5 21 KB
21 KB 255ms
142ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F46%2F46812804DJ_14_F.JPG&v=3&w=800&s=68cfpRqx2-6YgHObVp5ijhNi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9cd0b39a4d8b8187d6c27d68c38f33a02ff7e7abf59ce05958c3825c8fb84425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21726
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AED5 45 KB
45 KB 217ms
104ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F915%2F220128%2Faa93c0a2dd2a44a8b5fc835af859f902_img_horizontal_1.jpg&v=3&w=1200&s=2gCjA-3x2w5d8DaFBM8znR19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c027881b5e260639cb9cca444778b0acf14d10228389ae27b5f39432908b1065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29452225
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46186
expires: Thu, 02 Nov 2023 12:53:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AED5 0
128 B 243ms
42ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BkP4i-DZhv7b38ROpKmuUUMu69uuvyydQDUtRDNaeh2IW9RwPQTifVAKyFxgkBZwg7x9v_8yl0TWOiN8mkyxfBOeCBKe98OHx_nu4enNq3w3RPpDcvafLMrp_BCmA0lMRgBLOUpUoxqxB9ysxngKAnxUxN7l94Ctdvg25FEG2NMPd7Ez7QJc54tox6vIRm5mEzO8Gect5b_Ph8cN2ubyEY86cI_EHPqnl-15W4YBsIBfrJHiQedxLeS60lmk7Xtw8B_8rw&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 15:42:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AED5 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AED5 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Nov 2023 15:42:42 GMT

GET index.m3u8
iqiyi.sd-play.com/20220408/i31eJbcN/ Frame 3F46 0
0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame B104 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 16:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 16:51:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AED5 3 KB
549 B 133ms
55ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 15:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 15:29:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 15:42:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B104 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bmtse8jOCY-rNJcKQxwKFmIzoBwAAAAA4AeAEAg&bg=!r6ylrOjNAAbvMpMzzzI7ACkAdvg8Wqh1lf8ggDlgY0zKx3UZ6LH07ooERKnuZC4abOSsV_m-2use9QIAAABlUgAAAANoAQcKAKwYB10Nj5cWJjfBo1zQzEzU2lyaga2pjZYgCMDCH47UmgODQSBqTxj5Q0jLwkTWz7dMXMdLwI8I9_X6B4REQdYl6oGCjb1uX6PfBxGwLqkzsLpLVQJ8Jd53X2X0wy9TlErFXk2XQYMGpMcKACNyRoOwhX2ANheVm99D2l0clyI35Y0c-7Yoag7XDHFEHNh8pynW23mUGgSVWAL-7TgyPXPlXnXwClXnxsivP0UemQK97fUC7vWMZSSqC9r0kFwG9LP6WT6OfrEdzdxbCBrCr1t4qq4uoUinDACtU0KMv1zVkEgrJq9I_s26Nufr-7qdMR3zgPpvOpFc4SNuD9UJ75cOAbYzuHdmRIhTD_F6B5keALh6WovpEHepvo-h_MHrrTFTD54K0uliaqHcARzVkwBzfG6NMNAwlj9o-4VCWGqqyYRQ1pfpB5M4TxSY11Q8wF7PoewEw_2AcpUAndEJzwWb7qlfbk7sUN0ZbOy6jUskLUQvFKgZ-BvK6Kwpwci2I0GSqHRGe3ZhKYcBJcAXvZcbq1gLz0fmzytoGCzMoBovk4R-KUoIuKVbLVyqWUtj0hFlaKPdz8Jv23TnBqUft3ZGrldttUbAvahSawzS6U_C4rr88qiqzzW8RztmafUy9uM8GtmCMkGFeyLomOrH8sH3HH7C4ubdp1TK3U0NcwPJOiZkXl1ULJRmeMJ6AIg4zRYK_4rNMmUTvUrQ9VebqVlVCJ6WmRDD2Mh3BCjOtfTXMibZbBNEnlWV4KQ90l0kLq0kOBcmtDFZjkxQOwiLFJrxBULWmhMpLE3NDsktBXWMnRYCoHRi_yqYYTlX9oPHRFBsVjxQ9ZgtNXab7tp5hWHvmC5KgJkm3wlk_ui_XnVy9B0qqpgx82DXOnQ33Ie-d19J1b4f_CfF91VCi_o2xRKtg0JdXfNmRpnUQpHEL8eDIxAl6KspT17WrwrxYu3zs0Rim02bx2LetnXaeDLT-2HKv_wbqKGNp2UG6X4MYjetg5vfn6J7ro0Jh1hxIY9m9dupGCuD-SOkpTv6tOtDTEBKskQKonoN-_nxp_Zc1ICqUHp-btSzW9L7ARu12uRfapGNL5fJ2gR4Y_9ONW7JTnk3oHKs03y24WnUVwhpiV1-g1SukB9-s39pxfgpudkBP4e5zt_xNiuJR0C8tAQ

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET index.m3u8
iqiyi.sd-play.com/20220408/i31eJbcN/ Frame 3F46 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C69C 42 B
64 B 151ms
74ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-qitNUq-oHinPIZms1ObvnqXjVDYNnNq19u1rK5qYGKNnmICi2NlAHzlDZ38anr6SUxbULTaelLOWC9ibqYLkGX_3YGFhN2Pn5ulFEzLQChjzbKemhwBKTkiwUsdTY9Sh6HE_hw&sai=AMfl-YQX5PR6niJN8L038COzxKbyJV47l5aF6ax4WbNoES2U0hjF7Yp901-xI8R1dq7fA54vo-R1q_KYSPzZ3tY&sig=Cg0ArKJSzF2FcUTsYi8SEAE&cid=CAQSGwDq26N93M9rrzRDbbKC9WBKXa2EVHGAJYx_UhgBIBM&id=lidar2&mcvt=1001&p=0,0,574,287&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=378053847&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669477360991&rpt=1008&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame AED5 30 KB
30 KB 137ms
54ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 136881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 01:41:22 GMT

GET
H3 206 file.mp4
r4---sn-4g5edndy.c.2mdn.net/videoplayback/id/4d94b6319f466a36/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813463745/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 09BF 4 MB
0 79ms
38ms Media
video/mp4 2a00:1450:4001:25::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:25::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 26 Nov 2022 15:42:43 GMT
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3927630/3927631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3927631
last-modified: Mon, 21 Nov 2022 07:26:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 dc_oe=ChMI6o6j6ZfM-wIVQshRCh0FDAN9EAAYACDwmP5WOhoI4q-i2QIQg7qC2qwEGJPKyOEDIKvStY_gEEITCLamzeiXzPsCFeBNDwIdbNsHNA;dc_rmcid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 09BF 42 B
494 B 190ms
74ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6o6j6ZfM-wIVQshRCh0FDAN9EAAYACDwmP5WOhoI4q-i2QIQg7qC2qwEGJPKyOEDIKvStY_gEEITCLamzeiXzPsCFeBNDwIdbNsHNA;dc_rmcid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D28096%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669477363379;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 09BF 42 B
64 B 76ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDlo78TOCY_bpDOCbvcAP7LafoAP2jubFbavStY_gEPAuEAEgyp2tfWCV2oiCmAegAeqRyqcByAEFqQL9XeJ6n3CxPqgDAcgDmwSqBOUBT9CYUIa4zpgoHlr_-u5vI1to2jsia5noCjuBjXHZsDpqVmTybpinOe7_GwhjrgyQRa4EhGpcfmg_DUFlk782-pO-hKFo7bqjzStvcZu0nsCDoTr8lNeU-93dZmrGC9keouzMXFpxF_Yv5TNP5rbuDF9hZpkaY1JaLmTt0PJ5J80IwDpW4_foThVkVZq82hxcE1YaVxoTkoWCd4qTiUUcDQqPjpKexsEVYLonvi6bRp4MmdsnGtx0lIfnbJ1XMJhPWFP-3jqtnUO2cbWjbWhbRjCZuoIEvbzjJiamfACETS3NhbTAScAEg7qC2qwE4AQDkAYBoAZOgAf-7bXYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT3camEcgTk8rI4QPYEwqIFA3YFAHQFQH4FgGAFwE&sigh=daL67bLHMes&label=part2viewed&ad_mt=5&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D28096%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669477363379

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 09BF 0
622 B 864ms
410ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsto1KGKHnIdxQnUsqyg8xZZOw9I8nrkeSvNBGAM0YW8O2z2y19lMa3Nek2eMxkRZ7cf4VwD8UUqXH8Bq42iuNbM5nCH7pWXI2X1AAzliHvVz7djUPoYvu6UP22qqeCKPD61dXlcC8U881GW0om4YVMM5uSOekYsI7ouSrQy3rRSASV_qvMbsIobf001HTonVY4dQQpW5qAnpqy0MpA7a6bw7z9cOWGbCu2DjWuF7AY6kuVfZGkTJSyas80DWIZxDo1HDM-0NATGlWlB53w-SyemtMmY5PlzlH-usQCsMj7OXsnzUsrqSesQwzMjDaHLJkao9immXejhSykJWT2vQYnNB6_KBexrOJ2O2iEKnIN-FYTyTA7n9dfC8a30IG2_IHDmRnAqoGguqFHQAmh7HhexSAafTdK2rBRelWxNemB0-iuQDebuJ5vkzsCR2ilgkCXmMoXbAS85qsA8-IzZfGm5cx1_3YMZEp1R4uOQu8yls-Mw3w9QlIYCXPA_PADFw4CuoooEiLQJoskx2sP_N9wUEzrnGEI1d2Ogoxz7xH6gqiJzexEOEet59Sm619Nhe9e7TfXgU02mjgCEbE-d_hapM0S8hWDg8eu3ZJjSIuiuZNUrln1cCm0-LmwLi_wGF5HWZN2RaACvgZiernkG2mPsb6WgBoJFiiTGoG1qlfz-RNZXwMQpP_z8jAH1C_CCvGPN5lQpUObPAxDjTs4flRTTetliVrS1i16DFloxzvjTtGpoqRUXOqSWV4NC2AugaEwtJBMgjjgbKhgfONeQE8_azf0MYhZ6mBB-ow9ncZfonVLiwMdUfSwqwGOtNOrSRZ_DyYBU4ibzxDArEcHu9Tn9nKE6nDgCsYVzJCYi9zwxzIwVWwczNwjEjVq9kxou_VLGTZd44GRsscXSFxkYUieCZUHr1OoP8fIXl_ziRyw5eHOaWxPNPMNAceVyc1bsLe1hdKrY-hdRoJaGrUUcpgAHAUeQoz-yAjNDWbqt2JNour8rlmubSk1RsfPmoogacty-xpUgORFO4PVGfmeLueYhpcAOmTeW3wHHZQmS0_gei-B49z3D5tm79W6b-xy6v-lOq5Rb0qIGZm0oNLQoz0-hlgatyv9ZgcDkMwXAhtzfLj5cSNAXNSvZSAz1IyvIm18jcNIMzsNZnH2jV0nHTMgbl_8WLexwdg&sai=AMfl-YQxUHbm5j6nBSjrDdhrf1l7sSkbXqDBNezp2oUbX1C0waCuRwb2uNjaQnV7ZoI-9BoFxNRovFXqnLgdQdhf7aDnkemIUec87m7DcVOM33EyKb12bB9yyDM3mAM2xHiYEPNAmnMZ6uRs3lTGCw246tGAib8tB3gNg59pRY5qEHRbmhcPEkM3VDXofbgN_vCAk55bPa6hcUUQcXQ37tv3&sig=Cg0ArKJSzHB27qKT4xk-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 09BF 0
19 B 77ms
75ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvIn8kCEOKvotkCGND2r9oBIAEwAQ&v=APEucNU26SpT7BMtZVO7dfPEHtDdrjiTHn6QQQouoL7qdrqNczcazZH1wSjn7aYIWshVQDBuTvAHdmbpXblRz0nR3VEAl-NwQA

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 15:42:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09BF 0
20 B 73ms
71ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI6o6j6ZfM-wIVQshRCh0FDAN9EAAYACDwmP5WOhoI4q-i2QIQg7qC2qwEGJPKyOEDIKvStY_gEEITCLamzeiXzPsCFeBNDwIdbNsHNA;dc_rmcid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 09BF 42 B
107 B 190ms
75ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6o6j6ZfM-wIVQshRCh0FDAN9EAAYACDwmP5WOhoI4q-i2QIQg7qC2qwEGJPKyOEDIKvStY_gEEITCLamzeiXzPsCFeBNDwIdbNsHNA;dc_rmcid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D28096%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669477363379;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 09BF 42 B
64 B 75ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJSJRhrG2A5pLpIB94Vy0kLj757dZ4W-tlGS1bzGZTA1hZ-kOyrGkoYX4QKLXJmrbArcY70vLg78DYLxk0nj2h64Wbm0RCgzIWX-J2xNRW99iyqjVuduLK0QhqZw063nBvV3W8LQ&sai=AMfl-YRRgm4VyrQLeRvctp94t0apqRTkrIUWHKDomoMc-wak_o2itnwSX8CgNNzULf5TqKnwTr6CMZOvMrxd86g&sig=Cg0ArKJSzMMCInAjG1lkEAE&cid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D28096%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1669477363379&avm=1

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 09BF 42 B
64 B 77ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CDlo78TOCY_bpDOCbvcAP7LafoAP2jubFbavStY_gEPAuEAEgyp2tfWCV2oiCmAegAeqRyqcByAEFqQL9XeJ6n3CxPqgDAcgDmwSqBOUBT9CYUIa4zpgoHlr_-u5vI1to2jsia5noCjuBjXHZsDpqVmTybpinOe7_GwhjrgyQRa4EhGpcfmg_DUFlk782-pO-hKFo7bqjzStvcZu0nsCDoTr8lNeU-93dZmrGC9keouzMXFpxF_Yv5TNP5rbuDF9hZpkaY1JaLmTt0PJ5J80IwDpW4_foThVkVZq82hxcE1YaVxoTkoWCd4qTiUUcDQqPjpKexsEVYLonvi6bRp4MmdsnGtx0lIfnbJ1XMJhPWFP-3jqtnUO2cbWjbWhbRjCZuoIEvbzjJiamfACETS3NhbTAScAEg7qC2qwE4AQDkAYBoAZOgAf-7bXYAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT3camEcgTk8rI4QPYEwqIFA3YFAHQFQH4FgGAFwE&sigh=daL67bLHMes&label=vast_creativeview&ad_mt=5&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D28096%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1669477363379

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=280&slotname=8159439231&adk=4096191546&adf=3215562993&pi=t.ma~as.8159439231&w=728&fwrn=4&fwrnh=100&lmt=1669477360&rafmt=1&format=728x280&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477360603&bpp=6&bdt=343&idt=391&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C287x600&nras=1&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=wbmI3t6ot0&p=https%3A//dramasq.su&dtd=393
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 09BF 0
17 B 58ms
57ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lay3ptdt&c=7903553843854&slotId=3951776921927&qqid=CLamzeiXzPsCFeBNDwIdbNsHNA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=922&mt=video%2Fmp4&vs=360x640&dm=28000&ple=0&umsem=0&event_name=first_play&asset_bytes=197672&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1uh~videopreviewstarted.1uj
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E13C 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhqjzGoslvxirKO9hfCduKdirsJDcBjO6Dds7WUetXS0VSY9bKcYGnDmRjs5iPv9V2EFS7w6yvT4lJHNt7x6StsR-m3Y_fCxVkEVWxbhgnOVry8-M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5366 624 B
242 B 75ms
74ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgsLp1gEwAQ&v=APEucNVfNPgqbC8b_NC1qKjYwttoc1uz1Uv4ivLNSHcDsFJaa9uBujjS-jI5DMyD246EmZ4vFPcjy4Wq4Xn-ru7vWmFIfvRBK2Uunon4Fh_bHwujhiwzGqj6q8_MEi0hgp03dmXxrizXLBHzRkBGn-JkWEObcsibTnebMAsmAwMXYFCdH9wYuOY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E13C 79 KB
33 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C08Wagd5jTTeTPDGFnQptjdt8FlCcm1m_wWMFR946LGiBc5IkAqKeS4IHtjNd2i8pQVz10lShq-lxQUXsFZWAZH1Lr-Tz9vAsFZHfRd3ge1CAZcEbZb5RpTkdkfAxxxGakvc1nlIVX5RZA3tfPqDIIyAYzPoSuvdOtCdsHvRtAMXq1EfI&dbm_d=AKAmf-ABxszuArGmgwfPloRnSd_o2OR8r3ygGJTL1PPhBxShEICwOSqUFgONoEAuq3dYPOsg0OY2izfBVXopgEBGwKkROhuq4QwNBzp3aILVrQ58lt8wpUqENE8C_khfMV4_VqnDW5imx5DMFRx_XHBGxj5pYbceyVGEkxCCPjOZSOw3udZeg2e4Zn6ew5FbcyDpy16zBz6igoKLOP0UF2SA8Z_l7OtOKkEuV1-vpug2343R4tZmZoAcDFfgbTvuehrvCA44u08zpmaPCTa_C-fvv8btFMKTGnIeEwmLmkut5DdOGB_60WmeUxjt8C7uqdPzCmHuT6YDlq4WDjFlbdHwM1QBJ6e0W2pdPqY46GS0Vh3vEe9nFQzt_cyVYinX26lrX0x5CaUZz_IVuTI91FUiscZI4JqoYjETFyXqKUJ-ETFJ64VXLSxg7FVIjDKO_iGAEo7ftR-609vpiZn6FBOLiucf-i8PEQ3fNa_iAYEfkDVvjwXO5QIbA7ET91GDHkQ9OJvuzS9IEtWuWCL6ECCcjNV2njFS17R6jHJBTDISljLaI9Qqt-8W8HtwbR62Bx4KgZXzmB_mGQS-AOS2Ley7ioOl9UP08YL3tloiVOt7OIgQhgRjShvbv5X4Cv-vX9ckOLI2wKvP7IVDOW5f3drmza3q_ibepFzqqCqEjleQU8WrKDHdgwZixlHMp72vgOGvD21t_vkVgpXc3uQheTPBYmgRfb_B713zrEppMpyX1TsFeuJNQJ6ktGU6dh1uRPt19Y8x30ekmMTcc1D34aWiT0Euh9BV2OlMWJ2MjMY9cw1-A8ImyaXZ5HbU-gNvXNStqZdeOth8pCnizhvUYYBlJXvbrZWXxP3j-4j5LcDI8gi-scDZ0qvsDwvp8_MBWYOdo4PoN0AWUAPKDVpKXC1rKkwchxbJOCD8N5JXSi5DOLArRXvXSRYr_vvv723Fp618nks77V-qeFo4RtwNV536-rACeeJwFvX0bXuou9k0gJLbt51gK9TYTyi0h_fH4xQCPEkp-7kOYYjLuGfhGkQNCK1qirWJPb8LWfDTgKtOVVbxwYqCNN_0Engdtm0dgmVndY7ogEMUhYmRTrEMO5QRMbbqyMBEhYgJPkbXDk1vjixEEePW52QXGepHi7vxZRRmzweGCwrTFoz3WjNxzCjwj75LvKZ-lPMBD35-k7_BeHUjU8XORBdB5WA01W1kwcz5r10ehLMpUgxF4zzPQZc52dbqhzFrvHK-eCRRbcbvXRdY4now0AESh8ZHIvEIDjAgwoZ1jLHsKhYdy4mdSNntgkACnu8cn7qTYCfey-x2Plg2-Ad7duhi4S__Yk5YRw45P7UwdzQZUuchr9ajdMc0m-hF1x-WbKz3lA0kGQKV8ILkjoTDUJUYuJsSXdC3oFnB0iKP1bsPmmGfpGuo3MUClSMUqBfnnINYo_0JxB_uB4NF9rj06P9SBQcAhY6HUrvJAM-w5P9cW19irsrG9BRVagd-1TVq-Zq0OoeKIdP0xd6P90A0sHz0MFnPIPaNRJOsqum4pHZ5ecZxj8Qgfw9LptQl9pmJcgTIJokl77hKG4hgWmEE_wltPzALFfnp5T_F4hprvp0eiIw5dM1SP3_y6FpvF04jDCjAkBiL7JOISs4Rna6-S5s54a33xGVNlTY1KN3BTcrh058A80J4TjXf7esU92RvqxhhD4xHar-oNdsBxc57UUAz2XcaWPBlh4PyZjEQ6sl1yXawAkTxhboE2QTIc2vOkPQx-F5aY0Avcum8xlzUi6WY0uNhKKuK4mx1J9Mz4DipVCxP--tbtfaLwTUR_Ptqu_7PsUZTgTDcSZk1rGdq6pJFbosK6k4tfsGizfZCZwWFR_t3jVcMUcv5VzPis9E1wy-oTRYprpDQYCfOiIf7_BqhjeP7Pvsc643DwHCNmjuB8vm1unWdEoABF9LqI0giEa8MyUbMCe90b-8aMc5roljDe-nPvjzKTDGYijvj7sOQWrexsWxM_sMaEjfLkOVzflTV-QC9KT_TnD5mnUoA7bZOwCA3LwrvrbTwLkgyveHPXjRMxJmlUHbylHkeqK2HoE9Ay_5tPUQJCYupJs_2MwDEwTUVio10y6CVlrDRpNOSGYzSjopiJEn1taKwGfqymS91m6IOWo5HrsQqNaMhC0_9phqYNZmbFfu3OGwCSjsHJL7hW3dr3TSt_SS2NuSXNfe-N_zF7nhd_e0SkuRJFA4gfVASiFUPn_Q5Dmow6T2FTYM21MAFCGpA9ZyF9Zjj4pp3DJKYPeCTmrH1bXnJEr-YHL4K3eOFY72PAxXZ5zJgoiAlwZ5FRD_WS9dF_SpN6RaYQsQ6F51LE7gNJXJmdPl3V0YA-0_-_wgsnzJjd09kQjCX6N3jdPLecHw1Em7kq-rm11onxYsPZefIeK8ab7yHveqJrdPm7-IycSwkU9dkOK1L43qW7Rvm9vyvAxfrmgHlfBBcCpj4JjUC2SQAZrrr6jwFdg6fMEFavcdOzJOxxQT_IAtmFd3StW-Ek4nsynM9RXsW5zRZCH5iD55Udx7I13ucVQziZ7-EjgU-5DA-KXDPzHzcflAsSzhBWuf2Kf4ysp3a1LAEfdUsVY0f7BNsZCv_gyY0wQEjGv5rS_4uI4nh4_nlmwhA2DL4AEu6r0-6uI35WCfePnm-GG5HpdF09gSbc41l5JBqOMKo41CtD5GbHsC1oJN4FJWW9bIqJG6rkWV9UBjJRV-QdlBrRqMKDSkleHUSyC9R3YfrGIpvfyQGSJBbpiieQUxeOLaMPsoUaKpdOniIDnWmdYYhVGvJ9jHqpzJjhrDJAsnuzCDaJpnXTuPOocTLhAJtF3U-oO1qAP9cy9XkYzpQp2i143Lwts1Ryc41aPVz_RNQYW9YZKpThorZR4QOyCVzE6UOUo28rBUQuNu-hgK06el7ycAtIgRCGf13KjyfaFX16t-riaHG3oW_e_CtkLTztpIfat8n6kbvPAujcK_4R-wvbKC-aig9fQ2ddLL5weKsS2Vs7ToxpWk4_IsBEkqprhrC8LDZpYmqGI8odqtM-Z4oUkw7DRHNEj-4RBc51LXvh4har0CelYkZ2SMmWYa4eH5dBynrQ0VZ1mTWciV00wmnlJc&cid=CAQSPADq26N9jlASlwZ1ia5m9NoOXIhwwS5HQt73k4ZN_wAAU4LWnAghGlECvCrttzvz8zh3pskfUGSvaDHmIBgBIBM&rfl=1%2Chttps%253A%252F%252Fdramasq.su%252Fvideo%252F144162-2-1.html%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c94df507d0f7e5a2a51db784ed726ec06721f3cc951d5951163131a51ef44556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E13C 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 14:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 14:18:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame E13C 18 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E13C 0
0 132ms
46ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnSPCIvMtxfojRlXEeNSV2BfQqRxv4pIET3H0RQYIeUoRcCAskpxnlIIwpcGFNb-kpvVNAr7OpNM6DHKPi4-PQHaKZFw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E13C 154 KB
47 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 15:42:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5366
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1&C=1

43 B
766 B

57ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgsLp1gEwAQ&v=APEucNVfNPgqbC8b_NC1qKjYwttoc1uz1Uv4ivLNSHcDsFJaa9uBujjS-jI5DMyD246EmZ4vFPcjy4Wq4Xn-ru7vWmFIfvRBK2Uunon4Fh_bHwujhiwzGqj6q8_MEi0hgp03dmXxrizXLBHzRkBGn-JkWEObcsibTnebMAsmAwMXYFCdH9wYuOY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 15:42:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 15:42:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5366
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4Iz8zzBoPatVKJKEKsR4gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgsLp1gEwAQ&v=APEucNVfNPgqbC8b_NC1qKjYwttoc1uz1Uv4ivLNSHcDsFJaa9uBujjS-jI5DMyD246EmZ4vFPcjy4Wq4Xn-ru7vWmFIfvRBK2Uunon4Fh_bHwujhiwzGqj6q8_MEi0hgp03dmXxrizXLBHzRkBGn-JkWEObcsibTnebMAsmAwMXYFCdH9wYuOY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 15:42:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMgFYs-rC-N3rPllxx05Tm8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5366
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCWmk1GeuREyOtd_VbSvy4&google_cver=1

43 B
1014 B

75ms
43ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDCWmk1GeuREyOtd_VbSvy4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YYgsLp1gEwAQ&v=APEucNVfNPgqbC8b_NC1qKjYwttoc1uz1Uv4ivLNSHcDsFJaa9uBujjS-jI5DMyD246EmZ4vFPcjy4Wq4Xn-ru7vWmFIfvRBK2Uunon4Fh_bHwujhiwzGqj6q8_MEi0hgp03dmXxrizXLBHzRkBGn-JkWEObcsibTnebMAsmAwMXYFCdH9wYuOY

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 15:42:43 GMT
AN-X-Request-Uuid: 875a2b32-eb85-4e91-b2e8-d697d23dfa69
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDCWmk1GeuREyOtd_VbSvy4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5366
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5Njk5Mzc4Mjg4MTk0MTY4Mw%3D%3D

170 B
188 B

135ms
59ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5Njk5Mzc4Mjg4MTk0MTY4Mw%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 15:42:43 GMT
AN-X-Request-Uuid: ef37d8cb-9976-4ede-835e-e122549bfb48
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY5Njk5Mzc4Mjg4MTk0MTY4Mw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E13C 106 KB
38 KB 143ms
37ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame E13C 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C08Wagd5jTTeTPDGFnQptjdt8FlCcm1m_wWMFR946LGiBc5IkAqKeS4IHtjNd2i8pQVz10lShq-lxQUXsFZWAZH1Lr-Tz9vAsFZHfRd3ge1CAZcEbZb5RpTkdkfAxxxGakvc1nlIVX5RZA3tfPqDIIyAYzPoSuvdOtCdsHvRtAMXq1EfI&dbm_d=AKAmf-ABxszuArGmgwfPloRnSd_o2OR8r3ygGJTL1PPhBxShEICwOSqUFgONoEAuq3dYPOsg0OY2izfBVXopgEBGwKkROhuq4QwNBzp3aILVrQ58lt8wpUqENE8C_khfMV4_VqnDW5imx5DMFRx_XHBGxj5pYbceyVGEkxCCPjOZSOw3udZeg2e4Zn6ew5FbcyDpy16zBz6igoKLOP0UF2SA8Z_l7OtOKkEuV1-vpug2343R4tZmZoAcDFfgbTvuehrvCA44u08zpmaPCTa_C-fvv8btFMKTGnIeEwmLmkut5DdOGB_60WmeUxjt8C7uqdPzCmHuT6YDlq4WDjFlbdHwM1QBJ6e0W2pdPqY46GS0Vh3vEe9nFQzt_cyVYinX26lrX0x5CaUZz_IVuTI91FUiscZI4JqoYjETFyXqKUJ-ETFJ64VXLSxg7FVIjDKO_iGAEo7ftR-609vpiZn6FBOLiucf-i8PEQ3fNa_iAYEfkDVvjwXO5QIbA7ET91GDHkQ9OJvuzS9IEtWuWCL6ECCcjNV2njFS17R6jHJBTDISljLaI9Qqt-8W8HtwbR62Bx4KgZXzmB_mGQS-AOS2Ley7ioOl9UP08YL3tloiVOt7OIgQhgRjShvbv5X4Cv-vX9ckOLI2wKvP7IVDOW5f3drmza3q_ibepFzqqCqEjleQU8WrKDHdgwZixlHMp72vgOGvD21t_vkVgpXc3uQheTPBYmgRfb_B713zrEppMpyX1TsFeuJNQJ6ktGU6dh1uRPt19Y8x30ekmMTcc1D34aWiT0Euh9BV2OlMWJ2MjMY9cw1-A8ImyaXZ5HbU-gNvXNStqZdeOth8pCnizhvUYYBlJXvbrZWXxP3j-4j5LcDI8gi-scDZ0qvsDwvp8_MBWYOdo4PoN0AWUAPKDVpKXC1rKkwchxbJOCD8N5JXSi5DOLArRXvXSRYr_vvv723Fp618nks77V-qeFo4RtwNV536-rACeeJwFvX0bXuou9k0gJLbt51gK9TYTyi0h_fH4xQCPEkp-7kOYYjLuGfhGkQNCK1qirWJPb8LWfDTgKtOVVbxwYqCNN_0Engdtm0dgmVndY7ogEMUhYmRTrEMO5QRMbbqyMBEhYgJPkbXDk1vjixEEePW52QXGepHi7vxZRRmzweGCwrTFoz3WjNxzCjwj75LvKZ-lPMBD35-k7_BeHUjU8XORBdB5WA01W1kwcz5r10ehLMpUgxF4zzPQZc52dbqhzFrvHK-eCRRbcbvXRdY4now0AESh8ZHIvEIDjAgwoZ1jLHsKhYdy4mdSNntgkACnu8cn7qTYCfey-x2Plg2-Ad7duhi4S__Yk5YRw45P7UwdzQZUuchr9ajdMc0m-hF1x-WbKz3lA0kGQKV8ILkjoTDUJUYuJsSXdC3oFnB0iKP1bsPmmGfpGuo3MUClSMUqBfnnINYo_0JxB_uB4NF9rj06P9SBQcAhY6HUrvJAM-w5P9cW19irsrG9BRVagd-1TVq-Zq0OoeKIdP0xd6P90A0sHz0MFnPIPaNRJOsqum4pHZ5ecZxj8Qgfw9LptQl9pmJcgTIJokl77hKG4hgWmEE_wltPzALFfnp5T_F4hprvp0eiIw5dM1SP3_y6FpvF04jDCjAkBiL7JOISs4Rna6-S5s54a33xGVNlTY1KN3BTcrh058A80J4TjXf7esU92RvqxhhD4xHar-oNdsBxc57UUAz2XcaWPBlh4PyZjEQ6sl1yXawAkTxhboE2QTIc2vOkPQx-F5aY0Avcum8xlzUi6WY0uNhKKuK4mx1J9Mz4DipVCxP--tbtfaLwTUR_Ptqu_7PsUZTgTDcSZk1rGdq6pJFbosK6k4tfsGizfZCZwWFR_t3jVcMUcv5VzPis9E1wy-oTRYprpDQYCfOiIf7_BqhjeP7Pvsc643DwHCNmjuB8vm1unWdEoABF9LqI0giEa8MyUbMCe90b-8aMc5roljDe-nPvjzKTDGYijvj7sOQWrexsWxM_sMaEjfLkOVzflTV-QC9KT_TnD5mnUoA7bZOwCA3LwrvrbTwLkgyveHPXjRMxJmlUHbylHkeqK2HoE9Ay_5tPUQJCYupJs_2MwDEwTUVio10y6CVlrDRpNOSGYzSjopiJEn1taKwGfqymS91m6IOWo5HrsQqNaMhC0_9phqYNZmbFfu3OGwCSjsHJL7hW3dr3TSt_SS2NuSXNfe-N_zF7nhd_e0SkuRJFA4gfVASiFUPn_Q5Dmow6T2FTYM21MAFCGpA9ZyF9Zjj4pp3DJKYPeCTmrH1bXnJEr-YHL4K3eOFY72PAxXZ5zJgoiAlwZ5FRD_WS9dF_SpN6RaYQsQ6F51LE7gNJXJmdPl3V0YA-0_-_wgsnzJjd09kQjCX6N3jdPLecHw1Em7kq-rm11onxYsPZefIeK8ab7yHveqJrdPm7-IycSwkU9dkOK1L43qW7Rvm9vyvAxfrmgHlfBBcCpj4JjUC2SQAZrrr6jwFdg6fMEFavcdOzJOxxQT_IAtmFd3StW-Ek4nsynM9RXsW5zRZCH5iD55Udx7I13ucVQziZ7-EjgU-5DA-KXDPzHzcflAsSzhBWuf2Kf4ysp3a1LAEfdUsVY0f7BNsZCv_gyY0wQEjGv5rS_4uI4nh4_nlmwhA2DL4AEu6r0-6uI35WCfePnm-GG5HpdF09gSbc41l5JBqOMKo41CtD5GbHsC1oJN4FJWW9bIqJG6rkWV9UBjJRV-QdlBrRqMKDSkleHUSyC9R3YfrGIpvfyQGSJBbpiieQUxeOLaMPsoUaKpdOniIDnWmdYYhVGvJ9jHqpzJjhrDJAsnuzCDaJpnXTuPOocTLhAJtF3U-oO1qAP9cy9XkYzpQp2i143Lwts1Ryc41aPVz_RNQYW9YZKpThorZR4QOyCVzE6UOUo28rBUQuNu-hgK06el7ycAtIgRCGf13KjyfaFX16t-riaHG3oW_e_CtkLTztpIfat8n6kbvPAujcK_4R-wvbKC-aig9fQ2ddLL5weKsS2Vs7ToxpWk4_IsBEkqprhrC8LDZpYmqGI8odqtM-Z4oUkw7DRHNEj-4RBc51LXvh4har0CelYkZ2SMmWYa4eH5dBynrQ0VZ1mTWciV00wmnlJc&cid=CAQSPADq26N9jlASlwZ1ia5m9NoOXIhwwS5HQt73k4ZN_wAAU4LWnAghGlECvCrttzvz8zh3pskfUGSvaDHmIBgBIBM&rfl=1%2Chttps%253A%252F%252Fdramasq.su%252Fvideo%252F144162-2-1.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame E13C 29 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 16:51:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98EC 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoBpAG6wDoDLH6nFa6LVlEnnRPnr-8umX5MFMQ04w7xDwN02eF4CY47g8Vf-oNwzUv3QrOv51wkwF0BYVOGC1nf20E5QohUNX8ylupPjp1qf9_7BZA1V8xmhsOOzh32IHRgsJ-oQ&sai=AMfl-YQ_Zwafz90qVxWfSAj1R9afksqSIAv1dvFKJO_XQ4tX6EcL7qq_f-XdikfMQVRopPYCZ2wOOEKB9Ltp8wQ&sig=Cg0ArKJSzIWRnVIagYmKEAE&cid=CAQSGwDq26N9_cl8NFijaGp0JoMSf6m9zkStriU3nxgBIBM&id=lidar2&mcvt=1002&p=0,0,280,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1890418503&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669477360976&rpt=1685&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3868 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzQa4XOw1Ky8bQjG1Cfb2fOGSbYjS4kHwt0fmsaWrcGOy3kK7txqLaTXV2AgiQARFD_slsz5xCCHhEMhFws_ivowR1&sig=Cg0ArKJSzCjkETfwN0MNEAE&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=87,768,1004,1121,1170&tos=87,681,236,117,49&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669477362301&rpt=223&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E13C 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA0D 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E13C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a292e46c52585f2eedbcb2814b35c434fffe560bd0573f52c3447a89ea4fbe5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E542 22 KB
8 KB 39ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 98332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame AA0D 35 B
463 B 470ms
377ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGOt2un7FizdGcDRojHkSGY&google_cver=1&google_push=ASkJ3FYkYR6skawDRmbV6ADFDYaH5nI7vKWXlE8bDwmr90s7QKNbFFYe_LDZ_vekIJXCzJLTbHw1jeQ62YBGjafMkYEfzl4EaFwA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame AA0D 0
98 B 142ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FYOzHCkqXg1eIwinAj9KE8abh7Jn4C7VCBhQyj0yfoGun2jPsek3z22jbnNCDMtJO5-6O_hzP4svJISPBh6zXjPgAKFgdw&google_gid=CAESEJPiPDd5JMIODZEn2J7hdPY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZu5Fej...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZu5Fej...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjYxNTQyNDQwMDA1NDI3ODc1NTIwMw%3D%3D&google_push=ASkJ3FZu5FejJ-XlFZY_XF2iAJcbrV1V_EGx3QMMsQl86Zyvf928ORQyEbq_MXrkqGRAw9...

170 B
188 B

48ms
47ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjYxNTQyNDQwMDA1NDI3ODc1NTIwMw%3D%3D&google_push=ASkJ3FZu5FejJ-XlFZY_XF2iAJcbrV1V_EGx3QMMsQl86Zyvf928ORQyEbq_MXrkqGRAw9_9eYid7ek90-Rhjt1z7VNo8rtUGRWq

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjYxNTQyNDQwMDA1NDI3ODc1NTIwMw%3D%3D&google_push=ASkJ3FZu5FejJ-XlFZY_XF2iAJcbrV1V_EGx3QMMsQl86Zyvf928ORQyEbq_MXrkqGRAw9_9eYid7ek90-Rhjt1z7VNo8rtUGRWq
pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 26 Nov 2022 15:42:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y-roMcKVQ7u0HJIaNg1G9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y-roMcKVQ7u0HJIaNg1G9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY_V4x7jxQN4-O7NxbG4L1A0u2dQYlmQptzVzB8lWQI0y63mzOyanEspTVfKjGX6G5m9CLlag9IWk0KWnHbf2qkxKChblo

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=y-roMcKVQ7u0HJIaNg1G9w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY_V4x7jxQN4-O7NxbG4L1A0u2dQYlmQptzVzB8lWQI0y63mzOyanEspTVfKjGX6G5m9CLlag9IWk0KWnHbf2qkxKChblo
date: Sat, 26 Nov 2022 15:42:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFECaatrzO1RDCMC7-Jhl08&google_cver=1&google_push=ASkJ3FZ6tAWzlcxUx2e_2xdd2y44aTFuGbo6cc1tCgl-GCdzoGpMv7q03a3bMgWH_-q5uvdatBV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZM1BVTDItWS0yWTZZ&google_push=ASkJ3FZ6tAWzlcxUx2e_2xdd2y44aTFuGbo6cc1tCgl-GCdzoGpMv7q03a3bMgWH_-q5uvdatBVPuMF2LBx9nzvMGhzVaQu2xpy7

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZM1BVTDItWS0yWTZZ&google_push=ASkJ3FZ6tAWzlcxUx2e_2xdd2y44aTFuGbo6cc1tCgl-GCdzoGpMv7q03a3bMgWH_-q5uvdatBVPuMF2LBx9nzvMGhzVaQu2xpy7

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFZM1BVTDItWS0yWTZZ&google_push=ASkJ3FZ6tAWzlcxUx2e_2xdd2y44aTFuGbo6cc1tCgl-GCdzoGpMv7q03a3bMgWH_-q5uvdatBVPuMF2LBx9nzvMGhzVaQu2xpy7
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA0D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFt6lljn3sgiSm9cx6Q5mRU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFt6lljn3sgiSm9cx6Q5mRU&google_hm=Y4Iz8zzBoPatVKJKEKsR4gAABKIAAAAB&google_nid=index&google_push=ASkJ3FZ1YRPvxxf-G12OVcQSgFKvgEBgm2Ps4...

170 B
188 B

136ms
136ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFt6lljn3sgiSm9cx6Q5mRU&google_hm=Y4Iz8zzBoPatVKJKEKsR4gAABKIAAAAB&google_nid=index&google_push=ASkJ3FZ1YRPvxxf-G12OVcQSgFKvgEBgm2Ps4xJWOVz3MRCV9DBv4W-o_hEN8zUusPNCSC_AoElGBb0ek4cztdOAtNn4HvTaCMeF

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rynJUm8pkfAu9IJ8MiDqbPs7DVE5mgNgIVKfOueYW9vMaAlccs182UPzUWAI%2FDV0QIgnvkgMWxRq4TTb5Ka4cZZIRiS2HDIXbA8zdiYoWLOByCFvUduAm17B5weRzNB4MxkSXsBI3jvPsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFt6lljn3sgiSm9cx6Q5mRU&google_hm=Y4Iz8zzBoPatVKJKEKsR4gAABKIAAAAB&google_nid=index&google_push=ASkJ3FZ1YRPvxxf-G12OVcQSgFKvgEBgm2Ps4xJWOVz3MRCV9DBv4W-o_hEN8zUusPNCSC_AoElGBb0ek4cztdOAtNn4HvTaCMeF
cache-control: no-cache
cf-ray: 7703bc547ce29231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame AA0D 43 B
297 B 246ms
45ms Image
image/gif 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEE7UFlkW9JrMdqEY5lz-a-k&google_cver=1&google_push=ASkJ3FbRr4p9PCVHP5uDPkAgFFWmwIk2_QXXGnoOTGjXu4t6YwXX6gejF8EV6rUFCoFiE9lJ5kTIAe_tWXOtcvi5jRN1uSd3nA0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AA0D 0
12 B 133ms
61ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBVXh-jgUqHKF9JyrP1CjeWSqL-xmReVvBJ31hnj1LKyaymo3xONKrQCCUNY5XMYMHAnVI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 all
csm.eu.criteo.net/ Frame AED5 0
127 B 43ms
42ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 15:42:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame E542 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 11:59:07 GMT

GET
H3 200 160x600.html Show response
s0.2mdn.net/sadbundle/12408553050249963430/ Frame BF79 6 KB
2 KB 120ms
37ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e49ca389e64672dd9ee5e9ca535e8da25ba7876e14c52d47dc5e5689739dde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 150478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2367
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 21:54:45 GMT
expires: Fri, 24 Nov 2023 21:54:45 GMT
last-modified: Fri, 21 Oct 2022 14:44:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E13C 0
0 173ms
85ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPy7xl6EeYdhb122_4bSeapA2RUC5OCR0Ch2kCWnwEKqbGv1MDs94wkDOfrY4vLmURB_Nh4NTyyPk9_TEVOrIiMyDZgFJ_bQNn0pi7iDsaobJSf52Ll3XrgwQUDdl813DgzMetJCTvnN-KY_BCaXbzDb5qRxFE7SvvTn5hXDMwLgquKYU1ZOgz-4b2Gp9BaSHHGPlcnCrfGMQ7KMNI0wQkl-9Wu3SwTpl7yzLd1r4aF_DdtWBiGeeYLKn-E8-giuxRDZEWZEEUoIZNa9y0T4j0CYMJhlLng8_GQ_iT3ziZY-YJthXVR-fABllONaUaSuVvsmKgLKBKEl9IWv4miX7F_z_xsTS0eGaOxowTbSKG89mBxUVACzx0gs1Ove6dmRWFd4uH_VpuJvlMyUlASYU_mDsVhztRoiG-HL6V6UesTqzXYhCYt1EyS3ia9GgnTZI4H5OSjj_7jbHO-c2SGPtIG40A22m02U-SNfQIdRNBuNq0pSkemd-fjVa0DobAtz4-VZ40XWizrvbflor--TMGA49o8CgF8Kj4q1BH82JM5jOU6--OW-altQdmju3nBGSqzKl9EXoeQsdU2mOuB9m4OKYVH3kZkuRyWYa0fRYECMLr8nZkvrb5whgAdSZntHEf2w5ZQ-SuEnCj1jBdspwwjOsPQRBKn-o0y71D2toN7_n9rdeM1J4sVso7v1wdL-oipuzwecvqOkUBmdyz_DwcDOnV1vZDYN1yGlI8gZBOZH2W585ZKt1jk3yRSQnarbd6TxkBdkd9bPCF3OgZsdz493KSALqbKbaHWgrhJtnzyfF-N38h0yr6ko-Sz-72TSB-U_45ArF5XVrhiEEczlVeSYhfLYKKOwziOrO_02Y9l6qTyTlsAS_TnxcsLcLsFcZPAmnFe52FLdtDqVGUdgGMDBfAfzNVjspr_y9wLSbQ-jKLzwFwn9NrpbLkxfuRYDrRd3dG6Aihe92jOrUcnu_tIES7Y0OiiH9HNwW6wpGEHl5oRoRgmvR0LqU7vaC4xfR7Mk5PcAhAV8mek1JAWULmukcKDmG9ghzEMJsy9bCfKvqzWjbKNEg-wU4zmkS7Q8FShykhAROrk8dpW7ofZN2TGezy1M1nqbW8qK1fL74LB1OpakLEYnyHIWfWiImiaMO4IDnBoAEFuvx4o9nLpKuLeA&sai=AMfl-YTAYgrgD8Dt73jLhSZVVt1sDwLv7VR2WOCjH9LSVgCO8OWgB9Lpq6sMWzvSiYSW5n1-2Y6sVhiDEO336kx3b2XV_gm_Mv0IBbz6Os4MAuVQsD_YgIBKchuOJqgxhvXduHGvUScpTwSVxopaOBobdSwNsbkehGf1guNWTlSmNVSiet_NJ7i-BQ6OziuIEAeYM3QGSbN4aaAs-rz8zl5e79uzLpbnN21civijGNCmaZnczxQWcHdn1rkizwUSD0rCgA6RC-RpDmDy-Q&sig=Cg0ArKJSzCsZQu6jS4rsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&cbvp=1&cstd=195&cisv=r20221110.57315&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 15:42:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 15:42:43 GMT

GET
H2 200 img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28810971;s.a=3213511;p.a=349865710;a.a=541206919;cache=4283908361;
ad.atdmt.com/i/ Frame E13C 0
0 482ms
118ms Image
text/html 2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11122207570744;ec=11122226302456;adv.a=6266241;c.a=28810971;s.a=3213511;p.a=349865710;a.a=541206919;cache=4283908361;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9304928359501985&output=html&h=600&adk=426345982&adf=3898236513&pi=t.aa~a.1417012993~rp.4&w=287&fwrn=4&fwrnh=100&lmt=1669477362&rafmt=1&to=qs&pwprc=2549500272&format=287x600&url=https%3A%2F%2Fdramasq.su%2Fvideo%2F144162-2-1.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669477362150&bpp=1&bdt=1890&idt=1&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D942f84c90b4f66e6-2225e61254b4007b%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA&gpic=UID%3D000008baf26352c5%3AT%3D1669477361%3ART%3D1669477361%3AS%3DALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg&prev_fmts=0x0%2C1200x280%2C287x600%2C728x280&nras=2&correlator=1556363333372&frm=20&pv=1&ga_vid=1736484645.1669477361&ga_sid=1669477361&ga_hid=934059743&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1033&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C31070763%2C31070968&oid=2&psts=AMjMPc13TUp4mjkKXgPHvPdP2-ZS4YirMdB9kTdVtrKU1nvcN7QHHkyz2CRpaX_gPP7haSiFumwZM2rAtj5vXjeKSQ&pvsid=1717126899880868&tmod=1328655026&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=Mq52bSyyjs&p=https%3A//dramasq.su&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E542 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWQTa8zOCY_jWI7-R7_UPhaKqoA4AAAAAOAHgBAI&bg=!HB-lH1vNAAbvMpMzzzI7ACkAdvg8Wnk3cfCGd4sQdpHtXkiZhIEIKIjeg2trymWaP99MgoAiEJMXCgIAAABRUgAAAANoAQcKAJ8DCbCdUn5dkHsTatGd64WI3KJFs45bZEXySeX57G22-7qWD9CW1zHZTvSgPTohlpWD7xkOJxUTka3DsOLBOHB4BoY6dV7M5wFoNx0FjRwz-5ItQCXqSzLsrYBxEXPrIozD7soYjg57Ls8lkHxUcTJE6EwtLmA1lHLlmFtS8tdsPFwL5p_70LzYGgcm5patdEC0bBOj0h283oIIi-U_dXCZArycul08tm0-rCSzd1jq5mpnpGQnAGFgXpXmSvN_K0sQGw1diRZF0G67dJsANuZ0_QoFEEy80D-FnogODWxTeCgcLt0kkstdhFeqLx0SkQM7d_AN4agHQuhVxqNw_MPKRBFcSDqWjw68dMIdbK7Kmo_SvrV-z7J-OJIuREH5ofXyQEy3g5x8aRvTjRbG2XyErdNXy2yiStLaIfMF79dVu_JPIr4KY9oNekYf9-mJLgAACi1TixTQNmfm_T3dCN5we0I1z4n9w-J3kmiTs7N_wKgeah17_QJ0FrMYAQhYva-Jnf4yn6cLZBIL1mId1hm9x18L6maPy2cLF-sIRAjlCJXbCq7_jYSuQ__OpY1mVvsXvbHg4SXYEINY1Zbh5WI5gPBx4Q6Q1PnXfIU0yKcyInhuiOb90Q1VfwMT_H9UzmgAZpQJkdKWWY7rZZc6DvYpaIoxnnMb_KOXnJE7buluPMzsZbguQBuappQW7m9nzxN2ZdZ3HcZxsc-i71NdjYJbv20iQ7qI8YOSid_vE1s0oEkkkdlspwgXbLolInCr4xT-HISjICIK1jMw6Pa9lyYYnhxlth7BPh66Q1yh46MByoZWHYg0zHt9_2llAY5ataNA1172zWidiGMvjVNn-dyDy3K4kgztgVsBKdi42UDH0-whztYBqls5GWYNE3T7GY8J_svD00b62FzrnVFG3UJLL3mCd7yFRYkNZFeYZjy0W8Pvj9PhnSorHSU5zjM-jSWsB445yRMcIs5xBYE7D_YWxf1i70F77Y4acXRHoFSTB5TNK5MzORQWrjQe2KaWF-mRSH8NN9EDOeA6AESIazckkjknN9vTjfKknExA2SRUamINf3IAAOw1Z0GP4OBLaBrDVeBArrTavWaKU4toRdObv1Nakef-msTiEMvJQol7jPAvUdzObeJQh5qYSxih

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BF79 186 KB
48 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 15:42:44 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/12408553050249963430/ Frame BF79 54 KB
10 KB 38ms
37ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d473af81da43890966a7c5ebdcb58a389b1dadd284c8ccb1a2dbc44e9b0b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7261
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10483
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 14:44:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Nov 2023 13:41:43 GMT

GET
H3 200 160x600_atlas_P_.png
s0.2mdn.net/sadbundle/12408553050249963430/ Frame BF79 137 KB
137 KB 38ms
37ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12408553050249963430/160x600_atlas_P_.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced73079ce844d264c4f0eb3b29a03c18e87c44ab94de0b23a40b121705e3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12408553050249963430/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:53:54 GMT
x-content-type-options: nosniff
age: 150530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140689
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 14:44:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 21:53:54 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E13C 0
0 154ms
77ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPy7xl6EeYdhb122_4bSeapA2RUC5OCR0Ch2kCWnwEKqbGv1MDs94wkDOfrY4vLmURB_Nh4NTyyPk9_TEVOrIiMyDZgFJ_bQNn0pi7iDsaobJSf52Ll3XrgwQUDdl813DgzMetJCTvnN-KY_BCaXbzDb5qRxFE7SvvTn5hXDMwLgquKYU1ZOgz-4b2Gp9BaSHHGPlcnCrfGMQ7KMNI0wQkl-9Wu3SwTpl7yzLd1r4aF_DdtWBiGeeYLKn-E8-giuxRDZEWZEEUoIZNa9y0T4j0CYMJhlLng8_GQ_iT3ziZY-YJthXVR-fABllONaUaSuVvsmKgLKBKEl9IWv4miX7F_z_xsTS0eGaOxowTbSKG89mBxUVACzx0gs1Ove6dmRWFd4uH_VpuJvlMyUlASYU_mDsVhztRoiG-HL6V6UesTqzXYhCYt1EyS3ia9GgnTZI4H5OSjj_7jbHO-c2SGPtIG40A22m02U-SNfQIdRNBuNq0pSkemd-fjVa0DobAtz4-VZ40XWizrvbflor--TMGA49o8CgF8Kj4q1BH82JM5jOU6--OW-altQdmju3nBGSqzKl9EXoeQsdU2mOuB9m4OKYVH3kZkuRyWYa0fRYECMLr8nZkvrb5whgAdSZntHEf2w5ZQ-SuEnCj1jBdspwwjOsPQRBKn-o0y71D2toN7_n9rdeM1J4sVso7v1wdL-oipuzwecvqOkUBmdyz_DwcDOnV1vZDYN1yGlI8gZBOZH2W585ZKt1jk3yRSQnarbd6TxkBdkd9bPCF3OgZsdz493KSALqbKbaHWgrhJtnzyfF-N38h0yr6ko-Sz-72TSB-U_45ArF5XVrhiEEczlVeSYhfLYKKOwziOrO_02Y9l6qTyTlsAS_TnxcsLcLsFcZPAmnFe52FLdtDqVGUdgGMDBfAfzNVjspr_y9wLSbQ-jKLzwFwn9NrpbLkxfuRYDrRd3dG6Aihe92jOrUcnu_tIES7Y0OiiH9HNwW6wpGEHl5oRoRgmvR0LqU7vaC4xfR7Mk5PcAhAV8mek1JAWULmukcKDmG9ghzEMJsy9bCfKvqzWjbKNEg-wU4zmkS7Q8FShykhAROrk8dpW7ofZN2TGezy1M1nqbW8qK1fL74LB1OpakLEYnyHIWfWiImiaMO4IDnBoAEFuvx4o9nLpKuLeA&sai=AMfl-YTAYgrgD8Dt73jLhSZVVt1sDwLv7VR2WOCjH9LSVgCO8OWgB9Lpq6sMWzvSiYSW5n1-2Y6sVhiDEO336kx3b2XV_gm_Mv0IBbz6Os4MAuVQsD_YgIBKchuOJqgxhvXduHGvUScpTwSVxopaOBobdSwNsbkehGf1guNWTlSmNVSiet_NJ7i-BQ6OziuIEAeYM3QGSbN4aaAs-rz8zl5e79uzLpbnN21civijGNCmaZnczxQWcHdn1rkizwUSD0rCgA6RC-RpDmDy-Q&sig=Cg0ArKJSzCsZQu6jS4rsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=453&vt=11&dtpt=256&dett=3&cstd=195&cisv=r20221110.57315&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: dramasq.su
URL: https://dramasq.su/video/144162-2-1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 15:42:44 GMT

GET index.m3u8
iqiyi.sd-play.com/20220408/i31eJbcN/ Frame 3F46 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
86ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d15ba1be3c384420c743459c520f86f656c1e1e75505fcd49dd18dbef290d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11122
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 15:42:44 GMT

GET index.m3u8
iqiyi.sd-play.com/20220408/i31eJbcN/ Frame 3F46 0
0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DD9 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 14:27:45 GMT
expires: Sun, 26 Nov 2023 14:27:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1308 783 B
536 B 48ms
48ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ae1ed80f95b8f6a49572ca84893c1b3fb25f9852f53daff8c33e151ecb4ab43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gVHsT0pTkEf2RNSwXB6N0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dramasq.su/video/144162-2-1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-gVHsT0pTkEf2RNSwXB6N0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 15:42:44 GMT
expires: Sat, 26 Nov 2022 15:42:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DD9 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Nov 2023 11:59:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1308 0
0 71ms
70ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1717126899880868&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0DD9 0
10 B 37ms
36ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MTfKmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:42:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1717126899880868&bg=!PT6lPnrNAAbvMpMzzzI7ACkAdvg8Ws-xYP1-Rzc3NE2Umlc7o1bSR0G1QSL2StJa-udTl3eWhBftEAIAAABnUgAAAAJoAQcKANiWthCceBKcq7fwS06oa3hJmn9P45fJVaAv0mV2UECPlCXdMkrJWa85EsXJ9GwokzOcPdG7rZGvs0B4zLQG_u2zBuuRwN0LNYSG78txenrA9cUQHUT-SBka_dzl45vylc9Bnuf3YwuU56zT4DzIkywcE9NkL3V2po1hwL6paOteZyy-C-BONwHxIYXkc6pfG44gpMW863XAtVmr8ogEEv5FZV-Q9nO9ccW3R9hcw_bwixrXI1nhFDabf7FGRsKtkUZZ74LL5Unb020S2voXFHYevgduTi3b6xiZAp28-bUGpEO8tKOUNUYnLvLPfa7XEx_dYouzV8kJ8KAW7Mf9tFJc5ScIk49-M1vmhMkbMgeRAPB7afPlkzxRzc_HCgQ1fb3W9-hnuEpjC4fw4RbxI5lbb_vurZG7dgBk32uAsqurv1SFiMngDK6-46Zn7hO86FquPGFsJSf4QGXyhk868yfZDztl0eUEE8H1Xc2KKpI4n8yXpP-Igisp9P_vEbMJaPMlJhvYrB89n897zxjeWqo1C9xcZ33CVqtcrdysc-j59gDuOyYSlTsYVDtalcsGpbhjRSHiTIIqRhO_l_U5yO2EEOoWvIyx_7sdh06xNCiDGM7Zt40d9BYdd7GaYlZSKqEgDnyLLiYzDfeDWGhjg9cvULKPw4j5GaVnzA_l0Yty3PTpDvJwtMPktYAU5511ChCGnbwtGV7ot2jajcJFICzyKWyCDrsWIx7QfKklt3bbWmFF91uSrRvHghLnENc-Zu61Xg4IiKYoMhAw12ANglg-bYXbDus3gDmMNPpDROrWK-isOuZI8mP2xQPRZ1vGrUo04c-CXQ9VjLzv84MIIElrlZQ6gfXjPBR9xftP_w-eGejguHGil5pXS8SufVa_0JgtyNJerKEMQc3Tlz_Q_9ml5tUlz0eJx1clD3OeUieEntNrYlJ8ar0g6NTuFgCjxdzCgRm4tLDBbPJokIFZA6tn8V3hQkyZl2uymxVUtzbgHT4DKSS9tBg7q2JYqn-H9v0Wc1MSmexC6hW5HXTO8menfTQhixAvO95YVXJf4IZNQAi7Rj4u4a9XruS4JGOqUXiTH0jfAlyeSuN1ZxyLVhl1mmcjp4qQprX8nWqaCYyeFMxJXmB-cuzBpcLAxexQxEzXm9uEfL3NDbxFDk-wDRWUa2tCIM5Ks2k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dramasq.su/video/144162-2-1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 dc_oe=ChMI6o6j6ZfM-wIVQshRCh0FDAN9EAAYACDwmP5WOhoI4q-i2QIQg7qC2qwEGJPKyOEDIKvStY_gEEITCLamzeiXzPsCFeBNDwIdbNsHNA;dc_rmcid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA...
ade.googlesyndication.com/ddm/activity/ Frame 09BF 42 B
63 B 160ms
81ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6o6j6ZfM-wIVQshRCh0FDAN9EAAYACDwmP5WOhoI4q-i2QIQg7qC2qwEGJPKyOEDIKvStY_gEEITCLamzeiXzPsCFeBNDwIdbNsHNA;dc_rmcid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,289,273,439%26tos%3D0,2014,0,0,0%26mtos%3D0,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2178%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D204%26dur%3D28096%26vmtime%3D2186%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D0%26dvpt%3D2178%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.99%26mc%3D0.99%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1669477363379;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 09BF 42 B
64 B 74ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJSJRhrG2A5pLpIB94Vy0kLj757dZ4W-tlGS1bzGZTA1hZ-kOyrGkoYX4QKLXJmrbArcY70vLg78DYLxk0nj2h64Wbm0RCgzIWX-J2xNRW99iyqjVuduLK0QhqZw063nBvV3W8LQ&sai=AMfl-YRRgm4VyrQLeRvctp94t0apqRTkrIUWHKDomoMc-wak_o2itnwSX8CgNNzULf5TqKnwTr6CMZOvMrxd86g&sig=Cg0ArKJSzMMCInAjG1lkEAE&cid=CAQSGwDq26N9JPcCKV_Ax71UyOQaWkeUMa8nMy0cpxgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,289,273,439%26tos%3D0,2014,0,0,0%26mtos%3D0,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2178%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D204%26dur%3D28096%26vmtime%3D2186%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D0%26dvpt%3D2178%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.99%26mc%3D0.99%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D377858013%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1669477363379

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 15:42:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET index.m3u8
iqiyi.sd-play.com/20220408/i31eJbcN/ Frame 3F46 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477362998

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477362998

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477364378

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477364378

Domain: iqiyi.sd-play.com
URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477365837

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dramasq.su/static/player	1970-01-20 17:20:37	Name: p_h5_u Value: 5AE57EF9-5FA9-4185-A5F7-4AFC8B7A24C5
rm.itczenair.com/	1970-01-20 07:46:03	Name: GL_UI4 Value: eJw9jUtugzAYhAHzaJSCOhIHyBGwQiFeVj1El8jgH%2BIG7MjQoN6%2BVqV2NZ%2FmoQmCICoLhI%2BUgX3JV5yapjmPw4W3lai54JezUKKhsVHUKlGLGge9dpvsZ9piPE9kyOmhG6yiHC8%2B%2BnNuxu4mRtI7aVSOZPGNOUfWO7uv5EqG2MiFkL5fnfWaLPLTOjBetZ618RxWiOxasuKA7EMb5YfFERGvijwNcLzPchutWzqt0hDJ5KQihG94GuRGk3XfyBStt83eATur7r%2F%2F%2B8t2XiFV9NCDP7fbldwPEqhKMg%3D%3D
rm.itczenair.com/	1970-01-20 07:46:03	Name: GL_GI10 Value: eJw9i8kKwkAQRLNINGoiBf6GIQpBzy74BZ6HGFsZJN3DZFzi1xsVPFVRr57necE0RaANxqs8WxRFtszmeYHwQoJgu8O4khs72youa0J%2FT7YuuUVk6aKFE4x%2BRVVyIgy3u9mBrywP%2FoOPl6BXadcmiD%2Fx%2FaYDhLoxSDZiabYuq%2BtRmBAzOdUYohPijhixpSOk%2F%2FXrRiEGulHGyrONfEycrunV2UrO54ZcN%2Fn3KHgDpZ9BXw%3D%3D
.dramasq.su/	1970-01-20 17:20:37	Name: _ga Value: GA1.2.1736484645.1669477361
.dramasq.su/	1970-01-20 07:46:03	Name: _gid Value: GA1.2.1070202464.1669477361
.dramasq.su/	1970-01-20 07:44:37	Name: _gat_gtag_UA_190312450_2 Value: 1
.dramasq.su/	1970-01-20 17:06:13	Name: __gads Value: ID=942f84c90b4f66e6-2225e61254b4007b:T=1669477361:RT=1669477361:S=ALNI_MYfvFCao8jy8JuAWNM1D6TbiCeUdA
.dramasq.su/	1970-01-20 17:06:13	Name: __gpi Value: UID=000008baf26352c5:T=1669477361:RT=1669477361:S=ALNI_MYnHL7QPMtys9gI6UO3NJATqIP0gg
.doubleclick.net/	1970-01-20 17:06:13	Name: IDE Value: AHWqTUl639kY8tu11tpEUraJ0gK4UhqEcSUINdvMIrJdf4dKlp8KTJxPYPh8IaWQsqI
.doubleclick.net/	1970-01-20 07:44:40	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 09:54:13	Name: uuid2 Value: 3696993782881941683
.casalemedia.com/	1970-01-20 09:54:13	Name: CMPS Value: 1186
.casalemedia.com/	1970-01-20 09:54:13	Name: CMPRO Value: 1186
.adnxs.com/	1970-01-20 09:54:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>w8=Y@!]tbPl1M>e)ZlrFUfJ+tGXxoyJ-QX5XrPRlSHGaF<T7E7?O/i<Q<<@?-LXo^bpRzqF1`b`J'CBKv
.casalemedia.com/	1970-01-20 16:30:13	Name: CMID Value: Y4Iz8zzBoPatVKJKEKsR4wAA
.casalemedia.com/	1970-01-20 09:54:13	Name: CMTS Value: 5216
.innovid.com/	1970-01-20 09:54:13	Name: uuid Value: 82230fdf-1b39-4843-a9d9-3716b8110999-20221126 10:42:44
.e.dlx.addthis.com/	1970-01-20 17:14:51	Name: na_tc Value: Y
.quantserve.com/	1970-01-20 09:54:13	Name: d Value: EGoBCQHVJ4EA
.quantserve.com/	1970-01-20 17:14:51	Name: mc Value: 638233f3-dde7a-a18dd-21d7c
.addthis.com/	1970-01-20 17:14:51	Name: na_id Value: 2022112615424400054278755203
.addthis.com/	1970-01-20 17:14:51	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:14:51	Name: uid Value: 638233f415610e22
.addthis.com/	1970-01-20 17:14:51	Name: ouid Value: 638233f400018a86e572250a9969cbc5f4b7b66e8653c9763150
.dlx.addthis.com/	1970-01-20 08:27:49	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:27:49	Name: na_sr Value: 20221126
.dlx.addthis.com/	1970-01-20 07:44:37	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:27:49	Name: na_sc_e Value: 0
.pubmatic.com/	1970-01-20 07:46:03	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:54:13	Name: KADUSERCOOKIE Value: CBEAE831-C295-43BB-B41C-921A360D46F7

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://dramasq.su/static/player/aliplayer.html Message: Access to XMLHttpRequest at 'https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8' from origin 'https://dramasq.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://dramasq.su/static/player/aliplayer.html Message: Access to XMLHttpRequest at 'https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8' from origin 'https://dramasq.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dramasq.su/static/player/aliplayer.html Message: Access to XMLHttpRequest at 'https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477362998' from origin 'https://dramasq.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477362998 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FYOzHCkqXg1eIwinAj9KE8abh7Jn4C7VCBhQyj0yfoGun2jPsek3z22jbnNCDMtJO5-6O_hzP4svJISPBh6zXjPgAKFgdw&google_gid=CAESEJPiPDd5JMIODZEn2J7hdPY&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://dramasq.su/static/player/aliplayer.html Message: Access to XMLHttpRequest at 'https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477362998' from origin 'https://dramasq.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477362998 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dramasq.su/static/player/aliplayer.html Message: Access to XMLHttpRequest at 'https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477364378' from origin 'https://dramasq.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477364378 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dramasq.su/static/player/aliplayer.html Message: Access to XMLHttpRequest at 'https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477364378' from origin 'https://dramasq.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://iqiyi.sd-play.com/20220408/i31eJbcN/index.m3u8?_t=1669477364378 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
ad.atdmt.com
ade.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
bid.g.doubleclick.net
c.disquscdn.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csm.eu.criteo.net
disqus.com
dramasq.su
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
g.alicdn.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
iqiyi.sd-play.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
player.alicdn.com
qdramas.disqus.com
r4---sn-4g5edndy.c.2mdn.net
referrer.disqus.com
rm.itczenair.com
rtb.nl.eu.criteo.com
s0.2mdn.net
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
iqiyi.sd-play.com
142.250.110.157
142.250.184.226
151.101.64.134
163.181.56.192
163.181.56.193
172.217.16.194
172.255.6.145
172.64.154.237
178.250.2.148
185.64.190.78
185.80.39.216
185.89.211.84
199.232.192.134
199.232.196.134
199.232.198.49
2001:4860:4802:32::3
2600:9000:21f3:dc00:6:8656:f5c0:93a1
2606:4700:3031::ac43:a742
2606:4700::6811:180e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:25::9
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::c
2a03:2880:f02d:5:face:b00c:0:8c
2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832
35.244.174.68
69.173.144.139
69.192.160.219
02a4b3bdc270ae97ee026e7f601e2edb89acc0caca1424a53fa3878ae01e5082
04297c70dff76164a1309eb414b03a640772c243004944da44d173f9fa321663
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146b3fe99f274d3ae5c911a6105d8b42fb87bbefe59dabbb336f833a4d7483d5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2314e02722993060d7c6b246aa38d16afd40ac3656c4179c431be398b36299f0
2488ab90f68bf879e8fc6e9ca9c21e7d8a04c4fe3deb0cab30d36b1679c6f1e6
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
302156bf36b0276f15d21e631fe4b41545ea9f28e7b21a86095f5a544e68b040
30403bfa0ebd552a8a5bfa6edcba8504fba7aeed2825a4e1ee927e94b605e221
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
42780ed534ee72051247e5eaabb413d2bc052377e2a76d1182ceabef27752807
43f035597715b360366c70d7ff096c07d206a74101852f0d92ef0fb7a76053ac
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d15ba1be3c384420c743459c520f86f656c1e1e75505fcd49dd18dbef290d8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e49ca389e64672dd9ee5e9ca535e8da25ba7876e14c52d47dc5e5689739dde8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
60d27adc3c39b1855f5653b922104827b1dc584facd1b81db5eda5f3d84b179c
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61822ff1ee4c1c154e32bf4649434ad1556250bb36d3af57dfbb00bc9b9388c1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b1b9a413113fe2791c898f99d815951288acdbb06ce30608183098fed5d4f2
62fff7f49809978b71243e71873d3614afd624b43c743414d29423b360c2cb5c
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf458bc0f05f226be426a4cf7323d3b18bf15d21f7aabc592548aef91a731fd
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73adee2b086f567376f01cacfa67d31f4e31d7fde2b0e9ea4cb764c36b8d0205
76f3abfb7c15e9cab67e0813cd895b70038782d13c25053db1c5cc354f476cfe
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
856cee649cf11b6482c8099d864742150b5985c63cdd0f1677331c759a21c646
85c2b8f777ca54e9d2547d9a2cef3d08e7dc862089d5206460d37234522e8240
875de77554107ae24fa766cb7d5c6b629dc55d28599b51b504df1c9d0360bef5
880c90be448dc22932c0fbd9b6275c611c682130e1e0081debd04ef277e6218b
8ae1ed80f95b8f6a49572ca84893c1b3fb25f9852f53daff8c33e151ecb4ab43
8e99cf86dfbb1778c8b2816fe47e39b76a93241db0d25700bc2df707b8ccef6c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adeb22e1d04ce2fed9529878dc6bac53f953c1c5f3273c5f8f2df71007b3821
9cd0b39a4d8b8187d6c27d68c38f33a02ff7e7abf59ce05958c3825c8fb84425
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a292e46c52585f2eedbcb2814b35c434fffe560bd0573f52c3447a89ea4fbe5e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66
a69f44f56fc864222c446a7d36175adde422fc766944cdc91b81d1cbc5d3f864
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a89a9bd1aa20312a54e62ed40ebba5eba9c0d445e81c478e2ea934995b6af843
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
ae07586aee87f0419c6aaf57400f2472ed10613979c0e0839184c85529751883
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b51a795671380c9b4dc816b657dd48c2653b1d9f99944984cf85306f195dbb76
ba1b3d88e503c0fd80135acdb1205abc43c3009d41172f565818bf635214f494
bb1e17a8bc272edc357e43e10f8da68bccf99e72a21ba3b70a89586f8e6a956d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf3d78756358116e3a86ce829439d517df9da664e92785241faafc0c885a5d0
bdfa3d92287fdb3bb869f96fe21b3866f5fb913f66e0daf3149e0765496c74d5
c027881b5e260639cb9cca444778b0acf14d10228389ae27b5f39432908b1065
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c243f25a0ea0566f778f18ae5aa0b88999ca805bb6d378454c6bc62264dd6595
c3263e523ecbc44c7ca091551c4860c75cad83307b3afa01a3998251d161835d
c850c1e3113de18c72c8b24dd974563ec074d5c37c2309837d33c319f0afcc58
c94df507d0f7e5a2a51db784ed726ec06721f3cc951d5951163131a51ef44556
c9d473af81da43890966a7c5ebdcb58a389b1dadd284c8ccb1a2dbc44e9b0b8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d2d5a918bc51477cf57a07e8753a118ff27f60a951c359533816704f08ae86d8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da8e1a89b08797ffa3c4df6796414e871f84cbe8191fb6d5f2374e88b116f0d2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ea0129ee358ec0abfa049ad0292695a36dfeb2f8aa79cdafd8453f12b63f5ef5
eced73079ce844d264c4f0eb3b29a03c18e87c44ab94de0b23a40b121705e3d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f418cb371f0e466298dc743bc5931b772fa90df20234bf447f43c8f2812976f7
f4ff3ae8af4440e473b75c163d810bc39097f20292283862153cc34684ff31d1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f57c6db9f8bf98a8f3c96b995f9d0219d535afdacb327cfbb41441654bb8dc85
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ebaa4d00218294bc60df537edf7b89687b4057da8f673c4fc9671b5dea9f5c
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa
ff41638e427ea9c796df6097be56a8d87998e40e755f5f9655232ceae785181a
ffbec80d79ce99290da86b6499973b189b5594920c9e8894e53c41edb9f1a11c

dramasq.su Open in urlscan Pro 2606:4700:3031::ac43:a742 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

191 Requests

92 %HTTPS

61 %IPv6

29 Domains

49 Subdomains

42 IPs

6 Countries

2673 kBTransfer

10146 kBSize

30 Cookies

0 Outgoing links

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dramasq.su Open in urlscan Pro
2606:4700:3031::ac43:a742 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

92 %
HTTPS

61 %
IPv6

29
Domains

49
Subdomains

42
IPs

6
Countries

2673 kB
Transfer

10146 kB
Size

30
Cookies

191 HTTP transactions
8 data transactions