geekon.media Open in urlscan Pro
2606:4700:3030::ac43:a810 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://geekon.media/utilita-driverpack-notifier/
Submission: On January 27 via manual (January 27th 2022, 12:46:37 pm UTC) from RU — Scanned from DE

Summary HTTP 214 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 38 IPs in 10 countries across 42 domains to perform 214 HTTP transactions. The main IP is 2606:4700:3030::ac43:a810, located in United States and belongs to CLOUDFLARENET, US. The main domain is geekon.media.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2021. Valid for: a year.

This is the only time geekon.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
73	2606:4700:303... 2606:4700:3030::ac43:a810	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3 14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
2 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 15	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
12 40	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
3	2a00:1450:400... 2a00:1450:4007:807::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
2 2	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.152 80.64.106.152	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 2	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	91.192.150.14 91.192.150.14	42481 (BEGUN-AS) (BEGUN-AS)
1 2	54.194.244.117 54.194.244.117	16509 (AMAZON-02) (AMAZON-02)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2 2	148.251.236.115 148.251.236.115	24940 (HETZNER-AS) (HETZNER-AS)
1 1	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
3 3	172.217.22.130 172.217.22.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 3	188.42.29.166 188.42.29.166	7979 (SERVERS-COM) (SERVERS-COM)
3 3	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
1 1	157.90.179.219 157.90.179.219	24940 (HETZNER-AS) (HETZNER-AS)
1 1	81.163.17.245 81.163.17.245	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 2	217.66.147.161 217.66.147.161	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	91.207.59.214 91.207.59.214	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
1	2a02:6b8::158 2a02:6b8::158	208722 (YNDX) (YNDX)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 8	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
214	38

73 2606:4700:3030::ac43:a810 (United States)

ASN13335 (CLOUDFLARENET, US)

geekon.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland) 1 redirects

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a02:6b8::90 (Moscow, Russian Federation) 12 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4007:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.134 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.152 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.214.77 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.244.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-244-117.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.115 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.138.28 (Thale, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

0f37706a-b140-474d-94b3-7546b2048d67.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: par21s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.29.166 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.71 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.179.219 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1407627.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN50340 (SELECTEL-MSK, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.161 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-161-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.207.59.214 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp9.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::158 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

storage.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	geekon.media geekon.media	820 KB
46	yandex.ru 13 redirects yandex.ru — Cisco Umbrella Rank: 1452 mc.yandex.ru — Cisco Umbrella Rank: 2853 an.yandex.ru — Cisco Umbrella Rank: 3286 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 26784	206 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	334 KB
17	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	67 KB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 pix.eu.criteo.net — Cisco Umbrella Rank: 7730 csm.eu.criteo.net — Cisco Umbrella Rank: 7881	231 KB
12	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 25627	3 KB
10	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	2 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 6518	203 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	104 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 777 www.googleadservices.com — Cisco Umbrella Rank: 106	16 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 28552	1 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	2 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33494 0f37706a-b140-474d-94b3-7546b2048d67.sync.upravel.com	2 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370 ads.eu.criteo.com — Cisco Umbrella Rank: 7925 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541	45 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	810 B
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 6197	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	496 B
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	1023 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 77092 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 77216	847 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	1 KB
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 13446	402 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 60595	976 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	5 KB
1	yandex.net storage.mds.yandex.net — Cisco Umbrella Rank: 23679	33 KB
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11367	204 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 2736	390 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 30411	785 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547	631 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 5658	410 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 81631	386 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 17609	244 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	332 B
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3215	2 KB
1	gravatar.com 1 redirects secure.gravatar.com — Cisco Umbrella Rank: 1713	326 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
214	42

	Domain	Requested by
73	geekon.media	geekon.media
40	an.yandex.ru	12 redirects yandex.ru geekon.media
13	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com geekon.media googleads.g.doubleclick.net www.googleadservices.com
12	mc.yandex.com	2 redirects geekon.media mc.yandex.ru
12	pagead2.googlesyndication.com	geekon.media pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	www.google.com	4 redirects tpc.googlesyndication.com
7	static.criteo.net	ads.eu.criteo.com
7	yastatic.net	yandex.ru yastatic.net geekon.media
6	www.google.de
5	pix.eu.criteo.net	ads.eu.criteo.com
3	www.googleadservices.com	2 redirects yastatic.net
3	acint.net	3 redirects
3	ads.betweendigital.com	2 redirects geekon.media
3	cm.g.doubleclick.net	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
3	mc.yandex.ru	1 redirects geekon.media yastatic.net
2	fonts.gstatic.com	fonts.googleapis.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	px.adhigh.net	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	dm.hybrid.ai	geekon.media
2	dpm.demdex.net	1 redirects geekon.media
2	redirect.frontend.weborama.fr	2 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	ssp.adriver.ru	geekon.media
2	sonar.semantiqo.com	1 redirects geekon.media
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	yandex.ru	geekon.media yastatic.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	storage.mds.yandex.net	yastatic.net
1	ysa-static.passport.yandex.ru	geekon.media
1	s.uuidksinc.net	1 redirects
1	sync.bumlam.com	geekon.media
1	tech.rtb.mts.ru	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	ssp-rtb.sape.ru	1 redirects
1	t.adx.opera.com	geekon.media
1	0f37706a-b140-474d-94b3-7546b2048d67.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	counter.yadro.ru	1 redirects
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	geekon.media
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i0.wp.com	geekon.media
1	secure.gravatar.com	1 redirects
1	www.googletagmanager.com	geekon.media
214	59

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
vk.com
www.youtube.com
drp.su
www.facebook.com
telegram.me
vkontakte.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-01` - `2022-10-31`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-06`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
storage.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://geekon.media/utilita-driverpack-notifier/
Frame ID: F6917C18DA849925B22C26FB5BF8A383
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html
Frame ID: 8412791E9F9EB80EAE47EB1648010DD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3652607746689866&output=html&adk=1812271804&adf=3025194257&lmt=1643287591&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643287591294&bpp=2&bdt=478&idt=124&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5414513662409&frm=20&pv=2&ga_vid=586390742.1643287591&ga_sid=1643287591&ga_hid=243060066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064215%2C31063911&oid=2&pvsid=3213485485922822&pem=513&tmod=186438183&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
Frame ID: 37A63B789B604A95AE69477B931CAD5E
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: C31193486E049B85D62B82C0CEB0C254
Requests: 50 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Frame ID: 1860385B82CDCE4676CBD5DC2463F47E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Frame ID: B755B512FFF16DDA93707D8B0AA94E31
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
Frame ID: 07B0222B18E520EA9B839B7FA73DDA0D
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfKUJwAHSOAIEdT1AAkAaLikaxRxgoK4cM2kOg&u=%7CULEqQ6RgNOP5j3M8B7dsg3Z8C4w6l5Rz2g85uuRpjl4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdjddh99QX_IRmoIq6E8e4B6l4znzR18_oqem7VOd7mleG59YdEhRPhTkMft_-H6cnKVcSufIiMRUUK9oFYlF17Ln2YwG5cwC7SGgsW9H6YbyypN37gipGUe6P9UT1M9YxI0d-Cg4PXi2hf31QMQ4X74QZ1Qsg7Ngjmf22HT_dPDEVwO2d-rRDHmXJmzWcpBDwNmULqJXIxsEzt2VrJl_uzb3ozMEyAEYlpman3w-mLNshK4iT0yL1azdtNAkit0J_rwjBaOQfVApj-ugAH9wC8UaKqIJJ5IR0_Ac1wKkDQjbq-MEmtILwZv-DQvfDt41VM8KOQA3O5YKbybWeRF8BgToy0ciRe00JY5Y2abY2URE08FJb4PGYO0mv9bFENLEEkqld3DkUIlJIE8dYBT2oF-Pk7W2TOPDo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJPHCJ5TyYeCRHfWpx_AP6ICkoAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NTI2MDc3NDY2ODk4NjagAdW20uoDyAEJqQIjkljJesuyPqgDAaoE2QFP0EV6VbCAC7KIWI68cdqIrmn1gJWrgg1Ux2AgQvPtsb07sNDc03gaiwvNcHN8cIRRYPMnNaqepVs7pFu15TlJXrLk0VMxNg1A7SP6CDdCORWdqH3K4qyy8dpdxY_UhcV0DFo8tGyMRJFoqVurk0Fe_U7yRB1k9IxR_RlLAoFzB3hUal5HV8OQ6Gh9fS9gyunnLhq9eMuKsNqr0fwsZKPqyqaoVeqdkKsUayEXIqRK48ZPgilqdNKg0KhKz_b8a-iMGKVR-RYnXlsvQzQ7NZ0xF2S9F0U3qfbAgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jRnxyOSXVg23AdbSMPwAt5ffxAg%26client%3Dca-pub-3652607746689866%26adurl%3D
Frame ID: 65421135D82E36B2FDF7CCBDA94DF0B4
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2521190F62284995533B5827EC151ABF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 42A8D7C41F69EDC339855AEA4D289304
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js
Frame ID: 7C352BEDEAA999154AF79C8475B39ADD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 76ADD605D1800C7535A8EFDC107EBC14
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 193A06912F034D4D7DACE382F9CF8DC0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DriverPack Notifier: что это за программа, как удалить, зачем нужнаpict

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

214
Requests

87 %
HTTPS

47 %
IPv6

42
Domains

59
Subdomains

38
IPs

10
Countries

2204 kB
Transfer

6310 kB
Size

58
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/geekon.media/

Search URL Search Domain Scan URL

URL: https://twitter.com/windowstenru

Search URL Search Domain Scan URL

URL: https://vk.com/windowstenru

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCgWLjJ-UdPu_Txx0vS787Tw

Search URL Search Domain Scan URL

URL: https://drp.su/ru
Title: DriverPack Solution

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%9E%D0%B1%D0%B7%D0%BE%D1%80+%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B+DriverPack+Notifier&url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&via=GEEKon+-+%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C+%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C+%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%2C+%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%2C+%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C.
Title: Twitter

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://geekon.media/utilita-driverpack-notifier/&text=%D0%9E%D0%B1%D0%B7%D0%BE%D1%80%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20DriverPack%20Notifier
Title: Telegram

Search URL Search Domain Scan URL

URL: https://vkontakte.ru/share.php?url=https://geekon.media/utilita-driverpack-notifier/
Title: VK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/geekon.media
Title: 2485подписчиков

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://secure.gravatar.com/avatar/e8bafdba44c9ff11275a3295b0e5d206?s=50&d=https%3A%2F%2Fgeekon.media%2Fwp-content%2Fuploads%2F2019%2F12%2Fstnd.png&r=g HTTP 302
https://i0.wp.com/geekon.media/wp-content/uploads/2019/12/stnd.png?ssl=1

Request Chain 90

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9531.NLRclQ4nmVICUCh_DRzqeDAbkWp0Pc-7L6y5WaNvq9QGGO7OZ_H0p-VMXT5q33mg.dsZ1UpNoyikUwHnhtx7FEWRep8I%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9531.JPVCWcZFbL_UPdpgy9_A87zjK4w_MNOvXVNlU3fn_UznXonZDCg7sGSBzvQcO8v_AypOyRlj4nTxo_T7MM0cvA%2C%2C.ZoKacRhOvAAUQjIEdvMKJ1Q26ac%2C

Request Chain 92

https://mc.yandex.com/watch/56623264?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1170%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A838170811120%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A663521633%3Arqn%3A1%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643287590054%3Ads%3A13%2C66%2C679%2C5%2C%2C0%2C%2C652%2C47%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592%3At%3ADriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/56623264/1?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1170%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A838170811120%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A663521633%3Arqn%3A1%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643287590054%3Ads%3A13%2C66%2C679%2C5%2C%2C0%2C%2C652%2C47%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592%3At%3ADriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 119

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=df4cef9a9d6d450ab5ec60d0d98b0a43 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=df4cef9a9d6d450ab5ec60d0d98b0a43

Request Chain 121

https://dmg.digitaltarget.ru/1/119/i/i?i=1643287591 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1643287591 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/6jI.p8858vL03LH7n7je

Request Chain 122

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/MWY4WMh_pdKY?sign=1135416232

Request Chain 123

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/M_Ek-TSq6plb

Request Chain 124

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/kqcOxaNKgtMGAcKNkEDqKw?sign=2354490114

Request Chain 125

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/276a5460-7f6f-11ec-9752-901b0e8d9836?sign=1947975097

Request Chain 126

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=4278350360 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/75YfeGV96GuypmN7zWL5vO

Request Chain 127

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 128

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=13EAED04D4642436 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=13EAED04D4642436

Request Chain 130

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/6b8dc2dd5cea5aa440f301e980b01ddc98309defad53d4b464d9e9ae728b25e2

Request Chain 131

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://0f37706a-b140-474d-94b3-7546b2048d67.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/0f37706a-b140-474d-94b3-7546b2048d67

Request Chain 132

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=164BEB8F901FF8ED&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 133

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=EA4C9FFAD1961893&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 134

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=EA4C9FFAD1961893&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 135

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=6AF89BD00F780187

Request Chain 136

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=AC2D972DDC3F3180 HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=AC2D972DDC3F3180&crf=1

Request Chain 137

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F2994F2612400656B02758442&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/0100007F2994F26194067E070236B6AA

Request Chain 138

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
https://an.yandex.ru/mapuid/qbitis/79fd841a-5ff2-41cd-ac1d-6a3097c476d2

Request Chain 139

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/19f5d1b9-6e39-511b-bb5d-04afdaaf9087

Request Chain 140

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fdff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f

Request Chain 144

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/Rz6iGp1AmOUfU0vh7VSI

Request Chain 145

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/xRvIN5nqtim.AikABlF-m5K-Xw

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 197

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KpTyYbb-BrbFx_APnae9oAM&random=905215648&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=905215648&crd=&is_vtc=1&random=3189939395 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=905215648&crd=&is_vtc=1&random=3189939395&ipr=y

Request Chain 198

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KpTyYa-EB8XUx_APwem-gA0&random=1204977858&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1204977858&crd=&is_vtc=1&random=1139778898 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1204977858&crd=&is_vtc=1&random=1139778898&ipr=y

Request Chain 204

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643287594168&cv=9&fst=1643287594168&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/693627671/?random=1643287594168&cv=9&fst=1643284800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&is_vtc=1&random=248917789&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/693627671/?random=1643287594168&cv=9&fst=1643284800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&is_vtc=1&random=248917789&resp=GooglemKTybQhCsO&ipr=y

214 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
geekon.media/utilita-driverpack-notifier/ 196 KB
41 KB 759ms
680ms Document
text/html 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34537c09abb827f80652b0a5402f058069b17f58f0efd663f76622b49647dba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-type: text/html; charset=UTF-8
link: <https://geekon.media/wp-json/>; rel="https://api.w.org/" <https://geekon.media/?p=19209>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6G%2FMbxIgLCOoPWIh8uSUFPRyOjCMKOgNNvlB9TyhJE5wQi4iXMzHqSJeWnL%2BproDWKlGdXi2QYUpUOA83SO6%2FGKC91II1Zuo45G3wQTEvNgDOsSltscuGkHxALmzk4rLv6%2Fg5EabMXD9GHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d42158e6b9f59fb-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 decom.css
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/ 83 KB
11 KB 189ms
185ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2014f80a8d8e040eb39b22e58c1a1d58c4b7b03c4ae5c713f88f859f4a6a47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Dec 2019 12:41:48 GMT
server: cloudflare
etag: W/"5e05fc0c-14df7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jg82kTyrjAroZ%2BFlFS5GHc8hnEDMepQE6VSxbjFgnwAA0gOwc7faILNZvt6U5Mqk3l%2BqBp1F6wMHzN7By98vLLUTKHwC3aYzPX9B%2FoRDjtwUpCIV5ui3EyYIQeG0LLaSz9UKMrtfRd8qeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592ca8e59fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonts-def.css
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/ 1 KB
756 B 69ms
66ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/fonts-def.css?ver=1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028c7ad5ddf43fd23551fd53ed45ac037958a4956b88f30367a01bb127b119b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 Dec 2019 12:41:48 GMT
server: cloudflare
etag: W/"5e05fc0c-53b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0%2Fhbkt3urSMWb5LbRTme%2F8CjnaB3MKME29Ja7N5EVC2v4FYtIs%2BP6%2Bx2avqghsk%2FBQ6%2Bg5w%2F4vYS%2BiW8%2Bj9ueXrTJ2ITIj2mYcaJDOwG9JJ%2BY1NlLu1zAo%2BGgi1l0NxoV5h85oCmRE2NOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6d421592ca8f59fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
geekon.media/wp-includes/css/dist/block-library/ 52 KB
8 KB 201ms
198ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 May 2020 17:13:43 GMT
server: cloudflare
etag: W/"5ebd7c47-d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt6AFnJfywz9nxPLnjL5FO3X1L%2FhSKVJQiWgwIeI2ZMVUqXbhYrNvUIR6Gb5QmqTvUS8GWwzoy1fEKoNmNMjLjxQRYsZvEq%2B4Wg9oo1eH2fhS8QxD0pm%2BSqLhk9Xl0sHtkFluFHXzSYrapU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592ca9259fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 better-recent-comments.min.css
geekon.media/wp-content/plugins/better-recent-comments/assets/css/ 1 KB
689 B 185ms
182ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/better-recent-comments/assets/css/better-recent-comments.min.css?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aef5deb25565ec2445ec74c5cedf70b41158f0cb7f106532a9401a905ab872c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Apr 2021 15:36:39 GMT
server: cloudflare
etag: W/"60843b07-438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGE1lrCtFbmz1pgL8VEBDmonDyGx3gDq6RGNZ0iE3IJAo3KeUdj6VnfQHBZ%2BsAad1cZ7sWcrC5dMrfB4%2B9LqSFGuJqHM6e%2FVosx2%2Bn6zpWDUvc4ezSn6NO%2FiFPCppyau2bVbjBSs2nQP5E8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592ca9559fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
geekon.media/wp-content/plugins/contact-form-7/includes/css/ 2 KB
994 B 36ms
33ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026859
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 23 Aug 2020 18:25:08 GMT
server: cloudflare
etag: W/"5f42b484-780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kav8cpum8iKn6Nqvv%2BPioyAy7uNsJmj2g2mQ7SQA%2B2oRdprNr5jYCQRevRa2fqvR2l7qEJiLv%2FOLfQ69BYAF7Tgj0LZW9Z4cOEu%2F4Vf%2FqRqGtnjDKuunmAaK4t8wEn7jKCCGhJtUN4R8Ke8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6d421592ca9859fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postratings-css.css
geekon.media/wp-content/plugins/wp-postratings/css/ 1 KB
762 B 34ms
31ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 23 Aug 2020 18:26:01 GMT
server: cloudflare
etag: W/"5f42b4b9-549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjcZA45ZrO77GHe4SPr3mgaRsQJEylh8x9VvsPko5Ru4V6mjdNEXvA%2BHOnP2vB3awMKqFNIbLCDk0Bvj9zGt%2BVpSLp3HvKIjf597bxB7m4n5S2LRq7jjb6rwkcF54%2BX8KnRH2JvHTs2T%2F%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6d421592ca9b59fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
geekon.media/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
10 KB 212ms
209ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=9b761fb88cde3d1bd90677504fc739fc
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb432ec7aaf41d24a1d03911b5a92905043d7d649cd21292a914850b907273e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 31 May 2019 08:07:49 GMT
server: cloudflare
etag: W/"5cf0e0d5-111ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jso8xSG%2FdIZn%2BprPo6XU%2FS3Rztc1ur2fus5TzeBe15dnSqnbwNDgclVHKvXDpqFkCyLP6RxhX2rFeR765OlueGtEp93ogCwHEGn0Nr%2B7PcZKKaZ7WN83qe0CpcfsKB0aGKYdxTZJnKJ%2BjYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592ca9d59fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.min.css
geekon.media/wp-content/plugins/easy-fancybox/css/ 4 KB
1 KB 46ms
44ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css?ver=1.3.24
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 Sep 2019 07:34:40 GMT
server: cloudflare
etag: W/"5d81de10-fda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5KqxwejvQTJG%2BecY5gxlSr8nBvoZFYyAYX3SZNpT6%2F%2FUHv%2Fk9J4u3qhnFPJmCxN85gEi5LhAk3cuIaEscyBS9My0o56SDrbcI7%2BbCcInVn4go0gtrSA2dnLW6%2BfacBoTAHZcRfWrym4Cv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6d421592caa259fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
geekon.media/wp-content/themes/Newspaper/ 1 MB
125 KB 54ms
52ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/style.css?ver=9.2.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae3b5455c186cf57a7ac18c85665ba81f999a790cb4ae44c0245ae228cf5ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1027160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Apr 2021 15:58:23 GMT
server: cloudflare
etag: W/"6084401f-1242f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dQYaNXVKwoPpxxubgv0FZF%2FBkbLUqZxHVSUp4xg6l15cv7iS%2BHmBDRu6ydd0CEfkJtrMaZXuMUcIEk3yv2XE%2FcpfggxYpPmeS8WxJhB1ELZfCRTDvJLOueKFUeK6gbMZH2XOCKOyqI5KlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6d421592cac859fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 geekon-style.css
geekon.media/wp-content/themes/Newspaper/ 43 KB
9 KB 201ms
199ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b136230b3162da3081e60db1b42bb9febf58f54d0032ed9f19cbdcc9a0f6e77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 10 May 2021 16:59:19 GMT
server: cloudflare
etag: W/"60996667-ac72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwXWnjqE1n5Fl09uMpxJU4M7BHnVP33wkvgOakRGJpbDO98pSCOxY3NMwUrdUM6kuCWBq5Vaq9uZh3Zujpg0jHuyShvo9k4SShrucLIZcrIqPwkA4LEQ1Q1dJFJmkTnhaSekr963K%2F44P2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592cac959fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
geekon.media/wp-includes/js/jquery/ 95 KB
34 KB 48ms
46ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Jan 2020 19:07:55 GMT
server: cloudflare
etag: W/"5e2c920b-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biw2ScSM%2BTyd9S9U1A6etLaaXbODDToz5nMyR1rnFYYeztmqu%2F454WVq8OzWSzMMYBNNn6yWt%2B6cQ2lFn11ceQxchEezJC55ccB%2BlbdLpPRTeUdN%2FFunwJvds%2Bis6LBcuOvhZDMtMkyt6Oo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d421592eae559fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
geekon.media/wp-includes/js/jquery/ 10 KB
4 KB 46ms
45ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Jan 2020 19:07:54 GMT
server: cloudflare
etag: W/"5e2c920a-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKIFipNmAHaMvW8WaNp9uFl89i0Pv%2FgMLyR8DKLH1XZsNYHr3qHMIXxtCaLark1aj3L7PUHj9ZBM0BXEZSwDVxPqIhLWlO9hDehqf15OKUmdaMECGaC6%2FOMkIx8V4UCFtiycV5TpE6FnNes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d421592eae859fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy-loading-adsense.js Show response
geekon.media/wp-content/themes/Newspaper/js/ 7 KB
2 KB 194ms
193ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/js/lazy-loading-adsense.js?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 399b4a45d2f2a2934d9e629e7103cafb185ddbeefb98f41013954b0b0d8cc811

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 01:10:48 GMT
server: cloudflare
etag: W/"5e2b9598-1ad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyO4uA%2BWhRxSHfdysRXEgOvqxpz9dTeEGRyYNV9lwZdkjhC%2FhL6zBIbSREv9dUg0zVh9u0qtJ%2BCjyhjNoVROXUxQCQ0xU9ZjI1rSDr%2F7iCCs%2FZHc9d%2Bj9tetE%2BzZ65FTDhSP0aDH34PesNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592eae959fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 progressbar.min.js Show response
geekon.media/wp-content/themes/Newspaper/js/ 29 KB
9 KB 205ms
204ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/js/progressbar.min.js?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aad357c6c62c7c1ee2a28daacbf47ee1f9679ef3981f8c9124d59b28ed4d6b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 01:10:48 GMT
server: cloudflare
etag: W/"5e2b9598-731a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR8cGyXtCOulG%2FP5%2Fm643419wmtx6eWKmvGlGNfdXyZe9eiH43thsHweHBepARtkdSF0jwm0k8nQnx9oIU%2BjZ0%2FV340BNMf8bku9VeekrCGqsC5Bu58zeFs6UiIhZiAc9P1IR3Y4BeQ%2Fsc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421592eaeb59fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.scrollTo.min.js Show response
geekon.media/wp-content/themes/Newspaper/js/ 2 KB
2 KB 46ms
45ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/js/jquery.scrollTo.min.js?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16aa1c8bf3adefcc2e6210cbbbe584345d6b78aad4c2ea24931f779315aec054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Jan 2020 01:10:47 GMT
server: cloudflare
etag: W/"5e2b9597-98d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTYmBiBu0dSaU4mJGe7mC9QQoPz82Ea3vw7WvCOsT3VVBomsmHwim%2B%2BLYSxqRroaLZKEs2CPLguZf6JnIG4yjenm4MKJS0SPqiLO4KLFhrOvGkzWAX6cklqXtTJS7FVSJhhjliJfMNid1xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d421592eaec59fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme-script.js Show response
geekon.media/wp-content/themes/Newspaper/js/ 3 KB
2 KB 66ms
65ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/js/theme-script.js?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72384e83463fbdbc3765edf8c488c829fe35e7f330ed72341c6b22c89cd04d6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 24 Aug 2020 09:20:15 GMT
server: cloudflare
etag: W/"5f43864f-c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O28cS8lf1f0xugoEAMF9vIsBO6QDCIOkEHPWM0%2FNgVnwyoLABcYZcVInBy40OQ1IXjjvKspQmbD2%2BOkm1%2F2ROq3mSOjPe2wKbgOK9nJVQ1rZsRFeTAAVAUFwqzt2i%2FeE1nKV6F4Ruu%2FVb4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d421592eaef59fb-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 275 KB
75 KB 173ms
72ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0e7cec93d9dfd0b483699c26eb2eeb047726005db5f78faeb0d4f4de168f24f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1643287591186733-4698963792658529200-man0-6852-b90-man-l7-balancer-8080-BAL-1930
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 27 Jan 2022 13:46:31 GMT

GET
H3 200 / Show response
geekon.media/ 147 KB
32 KB 117ms
111ms Script
text/html 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/?wordfence_syncAttackData=1643287590.5465
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2694fad83a3e29d33cbb8e3010e369e0063a123dd18f978798623699d90228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CouIS%2BYdEF4EHKpgFaK2Qn%2BKjWAX9ZuRaOFSDYs2Ks7cX1VvFSQaDm3WUdZfZvuX3ZE9d%2F5WX49iFOZqlFfFDKHomTROaJ1R4pg87MoXG1Ky8PgZwy4FjArolSlYLae1sj7ntzHm0DgfBHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
last-modified: Mon, 24 Aug 2020 06:04:18 GMT
cf-ray: 6d421594494b374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 57ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3652607746689866

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602610a0277984c269d14892f6be6917ae8aa616437066d74c5e2bbd1e55cc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geekon.media/
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51937
x-xss-protection: 0
server: cafe
etag: 17285238525969776192
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 12:46:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 61ms
33ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122658051-2

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8baefff42a9252b458b0a1343f4720d5a1591d0733e1893054c2286dd40fd29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35987
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 12:46:31 GMT

GET
H3 200 invisible.js Show response
geekon.media/cdn-cgi/challenge-platform/h/b/scripts/ 45 KB
16 KB 100ms
94ms Script
text/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82347851c58d691fdab29a2b0a83862420b5d0935bb4684de98cb597517fc429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fpj0Xi7LzC7Ac6mZd9CwNEj9u%2FK1SFtWtsZJfjY1kWNCz07z%2FaRiPWdaJJncJU8Vf6I6iFF3Bvz7fYZ7P70ol82raSKBuwjOee3%2Fm%2Fx83klWe6KYkkI%2BDiXujW14skjcooD%2B43jTfS%2FvpVA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d421594494f374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo-mobile.png.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2019/12/ 1 KB
2 KB 71ms
66ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2019/12/logo-mobile.png.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830ecc2e347e520fae6c121c4a55fd5cae840703e2395d563510ea986f38d48d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1220
last-modified: Tue, 20 Apr 2021 16:55:31 GMT
server: cloudflare
etag: "607f0783-4c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAORrKc6BZZZUOFwFAF3ZlnUd06Te1MarjjrhHFgUia1Tz%2FoP%2FplBUEgpP6vazg2lkx7ZvjwgEUe0iqZekRYwVTv7q%2FvJamRxFWjARGSf3PbQwki9323OfFdWxJmrVzolKyg4HCH6Ym%2FKwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944954374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-top.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2019/12/ 1 KB
2 KB 71ms
66ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2019/12/logo-top.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b3874fc4922bfacd0c63c2ca52ebb40c051c71b5d370d6de2382a78ecbfdd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1027160
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1076
last-modified: Tue, 20 Apr 2021 16:55:30 GMT
server: cloudflare
etag: "607f0782-434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbGkAPrZ35HaH52802lQ%2F%2FqM3xpJg%2Br8KHjn7vvdrcxhpx482Gi%2BA%2BmJemQUl8PaJNwb8SkyBkADyw99KJgHvZ3CK5zLvUysJCTN5FY9QMdUNBbPZ%2BNuISOsOjJ%2FnH3iZGzNQBhbqMJODP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944956374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

stnd.png
i0.wp.com/geekon.media/wp-content/uploads/2019/12/
Redirect Chain

https://secure.gravatar.com/avatar/e8bafdba44c9ff11275a3295b0e5d206?s=50&d=https%3A%2F%2Fgeekon.media%2Fwp-content%2Fuploads%2F2019%2F12%2Fstnd.png&r=g
https://i0.wp.com/geekon.media/wp-content/uploads/2019/12/stnd.png?ssl=1

2 KB
2 KB

21ms
6ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/geekon.media/wp-content/uploads/2019/12/stnd.png?ssl=1

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

d48bb29748cfe1860d539cf08fac6903e77dca54fce490b490efa967be3cb948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 27 Jan 2022 12:46:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:32:54 GMT
server: nginx
etag: "b08f17398cd51ce8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://geekon.media/wp-content/uploads/2019/12/stnd.png>; rel="canonical"
content-length: 2092
expires: Sat, 05 Nov 2022 20:32:54 GMT

Redirect headers

x-nc: HIT mxp 1
date: Thu, 27 Jan 2022 12:46:31 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: text/html; charset=utf-8
location: https://i0.wp.com/geekon.media/wp-content/uploads/2019/12/stnd.png?ssl=1
cache-control: max-age=300
link: <https://www.gravatar.com/avatar/e8bafdba44c9ff11275a3295b0e5d206?s=50&d=https%3A%2F%2Fgeekon.media%2Fwp-content%2Fuploads%2F2019%2F12%2Fstnd.png&r=g>; rel="canonical"
content-length: 0
expires: Thu, 27 Jan 2022 12:51:31 GMT

GET
H3 200 programma-driverpack-notifier.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ 4 KB
5 KB 213ms
208ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/programma-driverpack-notifier.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924ee044433047471bca031ea386471b79b980f08a43695ccfb376bb17a4a4ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4198
last-modified: Thu, 22 Apr 2021 04:16:15 GMT
server: cloudflare
etag: "6080f88f-1066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzGhIOTU7hY6ilcV2dQgb9CM7XRlfalwH%2F2dHaiNlV1tXdL7KDcXeSbQWc2kUBL09OZu%2BXMcYYf3egCAznOWhH4UqPbsPr6yX2gknkm%2FfoYee9k0t8a5CRts6ox3OfU1Qu7uTggxgrbvuZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944958374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 driverpack-solution.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ 4 KB
5 KB 190ms
185ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/driverpack-solution.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc60dc9bc0103bc9f80dd459bdc62f70f2045ee89db9e4ca0655197e5b1a09d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4508
last-modified: Thu, 22 Apr 2021 04:16:15 GMT
server: cloudflare
etag: "6080f88f-119c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysbq7amDqZCpozVcogxMzj64cfmd%2BRkr7cBHxCXnnabknPH4%2FgWEYb%2FLz%2BB%2FsOgokb2EzSH%2FuaAQfBUXZ17CbrgAOSa0%2FxViykGVtjYzatKMvd0Q1neWgaq9eDXfYLIvii0dePqCikbu1Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944959374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 glavnoye-okno-driverpack-solution-768x576.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ 17 KB
17 KB 252ms
247ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/glavnoye-okno-driverpack-solution-768x576.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa4d85217cd918a65f942fb37d36acbd4aba13f7633f06eb76a53f327e80c2cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17240
last-modified: Thu, 22 Apr 2021 08:57:55 GMT
server: cloudflare
etag: "60813a93-4358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfpNMtytAHCOQRoJb9N8LlGXa1ypuyOwObs4xVaONcFScmo0bK8vrRkCbZqFjjBHbVtjt9p9mjyA0AZe06HwpPVm1KTlTDkwSPN5oe%2F1splMciazade3t7txkZ0arzdPHRLHRxLFZlfYQL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594495b374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ystanovka-osnovnih-programm-na-komputer-768x576.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ 21 KB
22 KB 241ms
236ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ystanovka-osnovnih-programm-na-komputer-768x576.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad4de7742394d5bf258feb9722e6e2fed353308dc164cc0349ed6caab9b2eb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21774
last-modified: Thu, 22 Apr 2021 08:57:55 GMT
server: cloudflare
etag: "60813a93-550e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qbk%2FZB6G2qgbnr77W9XAEkipgZs3MrYzfZKrqAR%2B8a2Ju%2FAnoAZLmvnGdY5vEvIJAXrh0HSUqdHCdMyIYYohkL4cNdbBkDSeVQ9YFTVOYCytoVab5Fije98DMi2P0VpzH9%2BGquQt2hkxow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594495c374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ustanovit-driver-pack-notifier-768x576.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ 20 KB
21 KB 253ms
248ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ustanovit-driver-pack-notifier-768x576.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ccfd397f5e87f8f9b3544cd2efae8eddaa2c7da36c2a304f2905e5a8efb4d33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20480
last-modified: Thu, 22 Apr 2021 08:57:55 GMT
server: cloudflare
etag: "60813a93-5000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVPlcWjv1j245YJH8DNTvHdAATJrJzPumD7KrsHU4DIL3T7vpkROd0li0BVLhPXqBiQr6uP8dHCt%2B3w5I4cAHwshy7Bi0QsE7YNbDkpuQvm6wzGWIUFeGvW9moLvxbzuxmM%2FMcfGesbPJ4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594495e374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ydalit-driver-pack-notifier.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ 38 KB
39 KB 255ms
250ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2017/01/ydalit-driver-pack-notifier.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7beac843e282909e5900624b9be08063a13a4048dfcd2d22999650d31f687b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39040
last-modified: Thu, 22 Apr 2021 04:16:15 GMT
server: cloudflare
etag: "6080f88f-9880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdP7GUiJDb6qpZe8f8vXXpVqtNiOMpUpcL2cwQrJRSLx3j06jc2OFDe6E5%2BTKs4%2BHI5x5wG4%2FmNaxFfLJfMGtue3lgKJZqG6yb48a%2FhRV8HZd2t8OWIEOxw39dy2oStTWFtYgJ%2FsMXobiII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944960374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rating_off.png
geekon.media/wp-content/plugins/wp-postratings/images/stars_custom/ 2 KB
2 KB 213ms
208ms Image
image/png 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/plugins/wp-postratings/images/stars_custom/rating_off.png
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563aa7f48e795f5b0f6a1a797821ddf6182b0a222050d2073d990c0a9c80483a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1798
last-modified: Sat, 28 Dec 2019 08:54:37 GMT
server: cloudflare
etag: "5e07184d-706"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJhlHtObPS4qIiVH7lfKLtCc8CwWgvwhAmFoW6m9vp97dsphzqSw%2BIE8jR290mTysLGHmG3x7LxbERx6F5vwietlDJULN1le0SqqfJuvgKderWQ9N5BrEIThHiv6Q%2Fz8WugmvfkzhinVt84%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944961374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 loading.gif
geekon.media/wp-content/plugins/wp-postratings/images/ 770 B
1 KB 70ms
66ms Image
image/gif 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/plugins/wp-postratings/images/loading.gif
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 770
last-modified: Sun, 23 Aug 2020 18:26:01 GMT
server: cloudflare
etag: "5f42b4b9-302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NylmWCtczmO34fKGt%2BwqwRO7NWl2v0YVis2AXRMEDb40urx20ElGMDHXL4Z240GJYtbuoRdz42PN%2BmTKTEra%2FcdQLpXXGNuktNUriTOPoXmALlzxq0vCvK2zrsWsCDZrzQ%2Bgle%2BaHO6Sejg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944962374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bonjour-360x200.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2016/07/ 3 KB
3 KB 213ms
208ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2016/07/bonjour-360x200.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0cdcfea2db6a2ae02c7c054c578daab3989cde2f4ee92ea1a595cc866d82d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2634
last-modified: Tue, 20 Apr 2021 17:01:54 GMT
server: cloudflare
etag: "607f0902-a4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFDUykRR7KLSgYKWnk%2FgLxldomqQMjpXGi6OfWk1fHBVP5JlzWzJLc6u8ErmGlwjy90OBs6FXIykKxkYrsGhxrUbcfR5wLAqOIop4r8S%2FJAdJI%2FSQv%2BedzAoHm8S3KwpZ%2B4p2MrgDgV8uPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944964374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 autoclicker_dlya_pc-356x220.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2019/04/ 7 KB
8 KB 189ms
185ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2019/04/autoclicker_dlya_pc-356x220.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5509acc92f9b0f25603fd8bf2848483b9b2f58cfe6686b7743fe6a06efd45bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7560
last-modified: Tue, 20 Apr 2021 16:57:38 GMT
server: cloudflare
etag: "607f0802-1d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdUcI4YV9gFcRdYeod08xD4eh1cqrP%2FhIW%2F99Ib%2B8xldDVjvcrFn3aZ1Enj5T8hYM8%2BCJkaI8wxJn4b1q0z6ubN7BQfISnaMkxVG2fpCNSeJ0YSPTO62zVaaY1OmEJOCzcWKT8HQUJuaAd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944966374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ios-360x180.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2018/08/ 2 KB
3 KB 213ms
209ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2018/08/ios-360x180.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7f8d5e923836be3207b66a721d640861471110f6f64ad4baff7313c1aa14ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2376
last-modified: Tue, 20 Apr 2021 17:01:54 GMT
server: cloudflare
etag: "607f0902-948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYGaSStiq3lCbHFmLew%2BF12dBdgBgdZN6WH5WRnY7nCKsKG%2BGC4iohLdQv77gWM9AbEzxE%2FQJLIarFgRlyTJO204b0NQwgyVLK%2FqXpzqf3otvDfNjdMubj994f8cc%2BHpU3CaGqWTt0hLlpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944967374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 photo.svg
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/ 1 KB
1 KB 218ms
214ms Image
image/svg+xml 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/photo.svg
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3f269b095764e9feb2fc6ee3f4eb5f5f08587d8f3695daef1a0609e0930f49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 27 Dec 2019 12:42:00 GMT
server: cloudflare
etag: W/"5e05fc18-509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjJWIKzvaULpnOd%2FnT175iie9BA%2BQSmRiiAxgWU6uTKG%2FRFtrJpHdBYkv69Rah1WGhr6ntpjn6t%2BjHQr1tJhpeGD2tpCt8vIZxtoNtkMrFniqYUyEWWqmPUGWdFT8T5M3oPYadn6ZYQJ7zc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4215944969374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Huawei-P40-Lite-12-356x220.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2020/04/ 4 KB
5 KB 190ms
186ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2020/04/Huawei-P40-Lite-12-356x220.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa758928409203f2ba24572110247e93e8d0a5f49843f792fe5623beba1c2746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4564
last-modified: Tue, 20 Apr 2021 16:57:38 GMT
server: cloudflare
etag: "607f0802-11d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWKAIQ0fjulleky83x6H%2Bsf0E9yJ2uuppnhqE2%2BClDmu7zTBXSax6jG5YfDCUqs8ucKaaJkH2rt5%2FCyZgVdimTCDzWDeAxOVYBjcTMIWXstzke1F0jv7lCyP%2FhUga5sYJXjgyDr0HX3U2Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594496d374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D1%84%D0%B5%D0%BD%D1%8B-218x150.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2020/03/ 3 KB
4 KB 219ms
215ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2020/03/%D1%84%D0%B5%D0%BD%D1%8B-218x150.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af61eab13d2d31fecf2346c763921f239f37cf617d30b854a9981dd549fdae5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3032
last-modified: Tue, 20 Apr 2021 16:57:38 GMT
server: cloudflare
etag: "607f0802-bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyuXzZoFwZjMg%2FTx%2BEqOll%2BkElxd2WmsV6RDxpLHrVu3nD7hEVEljEkZjmBYvISzEWo0kV6zZzjTw6%2BEUP6nPRLvPzeNDwdFVPHb54rrdoPqw0NI1ew5DDzHPOL%2BxmMSkNyUPUzx%2FEdbZYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944970374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D0%B1%D0%B5%D1%81%D0%BF%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5-%D0%BD%D0%B0%D1%83%D1%88%D0%BD%D0%B8%D0%BA%D0%B8-218x150.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2020/05/ 4 KB
5 KB 110ms
106ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2020/05/%D0%B1%D0%B5%D1%81%D0%BF%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5-%D0%BD%D0%B0%D1%83%D1%88%D0%BD%D0%B8%D0%BA%D0%B8-218x150.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3fee79378c145de833f181b40adc6e8a3c08ed21042d65ee8202496c67c1d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4458
last-modified: Tue, 20 Apr 2021 16:57:38 GMT
server: cloudflare
etag: "607f0802-116a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFXQADS9YJ5GVZsLzAD5udX86xY9Hu1ZVIejkYLaNw6RrGEHo%2FCSpJlVi7%2B1FckL79iF8UD1O1EOQJy54aB7%2BB0YpRYgn%2F%2F%2FE60P6KBkC60xnPP3fIr4i8W9dALmPXsDxXXYMWme46YXRO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944973374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 drivers-218x150.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2019/11/ 4 KB
5 KB 208ms
204ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2019/11/drivers-218x150.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10996fe1c1612f73a8a61a1a1649df4aa31b6e1641296e2c3dd54966f52f6709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4442
last-modified: Tue, 20 Apr 2021 16:57:38 GMT
server: cloudflare
etag: "607f0802-115a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5g7C49cWOPtdoCjES5hiYqrfvUHsVhC8ysNrbfy3wmiHQFZW4J3Jug3USunoJztyTYIW5N2%2Fl08SJuuxuCXTmQ8lDEVHZuPMBB%2BQv6OnXOYg538zz9%2FbIXqP%2BJ1%2F7OPv6UpF0pW3vjWQ3WM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944976374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sap-program-218x150.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2019/11/ 2 KB
2 KB 208ms
205ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2019/11/sap-program-218x150.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb386939a7e55a02e164cb1eb5a1310cef73c69154fc34489e7e12c508feaa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1768
last-modified: Tue, 20 Apr 2021 16:57:38 GMT
server: cloudflare
etag: "607f0802-6e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYzrkjRtp%2BTfj%2FWWX9xOnEwCIFCHkHim3j%2FE%2BJS0LAWBguyFbWegujjb1P45JhCjKmzX1sZJ5v%2BG%2FFNXv16jkvi63VQKdzYnX%2BQRvP8QQEFtaJ2y1PMDzwZSi%2BpJ0zfWyHhq6aXm0JMVfXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594497a374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 556c101cdb1e417ec8166e88f1bc0c0b32d48e34-324x235.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/ 5 KB
6 KB 69ms
65ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/556c101cdb1e417ec8166e88f1bc0c0b32d48e34-324x235.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02af515521b58eae5e5bc194434b8559a9ece08857ec13b131dc11b7065d25d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5590
last-modified: Tue, 20 Apr 2021 18:39:04 GMT
server: cloudflare
etag: "607f1fc8-15d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wmob7n1%2FYyVI%2FocsbuWcapKwF9XPfdsnTzYG8dTu2%2BUljFh7ssIjwHEmbsO20meQAHDwvJqBwn2ZSOd6sT%2BUFH%2B97NR9C3P5h5plPnbdOdikkRXvHvxZGiKXwEyapClI7fufZeZNilv8A5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594497d374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gsmarena_002-1-324x235.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/ 3 KB
3 KB 208ms
205ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/gsmarena_002-1-324x235.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf7af179cbc73327d0c731bab9cc26e06e5eb8322ce8d6dbde541aed0917a36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2802
last-modified: Tue, 20 Apr 2021 18:38:22 GMT
server: cloudflare
etag: "607f1f9e-af2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtsnPRk3Uqa3EGXiaMf7tZpjmfZ5u39b%2BLbfxAOrmkoQAd30zQwcjRh7yVPf%2Fw9zYV8wfs%2FsdNlFIyqDXxo0Tb7e6QNe%2BLcuYbm1ZFOlHmaKFwRwKk5Dt84RMrIqKC1agBwMY0hTT0XgcB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944980374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 7056510c-f7cd-4713-a1dc-7f2629e2f5ce_large-324x235.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/ 4 KB
5 KB 69ms
66ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/7056510c-f7cd-4713-a1dc-7f2629e2f5ce_large-324x235.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffea2fc688a92e70ca5f342f0e90072e8503cf26a68fa6882a2586194c1d280d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4584
last-modified: Tue, 20 Apr 2021 18:49:37 GMT
server: cloudflare
etag: "607f2241-11e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8Vm%2BMJKp%2F2TWTQsKBQGJejS5UtaPIXZcDmg1SFiN8Y2ggwPAaUuvK%2BVBiOw%2F8eFojXdMdoAIuH%2Fr%2BEo4rZqK1t9hY4SpU7SWfsX4WF2o%2BQnImokn324qQanelT4Bm6AQLevnBelR7VS6cU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215944981374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 7-324x235.jpg.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/ 3 KB
4 KB 85ms
81ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2021/03/7-324x235.jpg.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcf30816aff2d29ff2da669cefeb273c646a872454d79fb2d026fe986bfaf38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3494
last-modified: Tue, 20 Apr 2021 18:40:35 GMT
server: cloudflare
etag: "607f2023-da6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27EdlB0L8xcjF3EpPeEsytvnY9bkK%2FjIVmWBgxmSkBJIwMO1qNftN6huHQlV9PTnALp2RiES9cBWHSrydmDJLjPlV%2By0d6duvDnHqgYOeefsmkXL%2FIfpf9wPRU5tcRX4MRa4RS61eyG%2B%2F5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594498a374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-footer.png.webp
geekon.media/wp-content/webp-express/webp-images/uploads/2019/12/ 1 KB
2 KB 85ms
82ms Image
image/webp 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/webp-express/webp-images/uploads/2019/12/logo-footer.png.webp
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5804a34a35e8f31577fdff09b150f48250cc97a4c547bd023c12360d46a236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1354
last-modified: Tue, 20 Apr 2021 16:55:31 GMT
server: cloudflare
etag: "607f0783-54a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZPdkb39WS626WcmDlavPL5HvXdsH%2BToz6FQnIH58BNjJkRTGwpTta%2BGo8NTICDmfJBlJJu5b0rrPPUe7j29ngwg%2FPwOZYPrAAP0BIeqTx98T9ViBOyl5s%2FjmWcV9PI%2B7r1w%2BkUo4h37XVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594498d374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 dashicons.min.css
geekon.media/wp-includes/css/ 46 KB
28 KB 253ms
253ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/css/dashicons.min.css?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 19:07:10 GMT
server: cloudflare
etag: W/"5e2c91de-b9c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1F1S91KfH9v%2FBOScpGd%2B3ZzmSLC7AjYLiKILJdrduF0xNRTj%2BT9c6qHINGn79m9UhI06%2F%2BpZUYGZlVfsRZ6nsQoemjlbIoa%2FKgiF9kuiHqeb3PmiheBIu4nKkyinABFaOWaHpiAi8gs7y4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d42159418d3374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 thickbox.css
geekon.media/wp-includes/js/thickbox/ 3 KB
1 KB 176ms
176ms Stylesheet
text/css 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/js/thickbox/thickbox.css?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77d3ee8b636b3b821e24ca9c40ede8ec0e214097ed01dba8feaaa7e55232c8f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 19:07:58 GMT
server: cloudflare
etag: W/"5e2c920e-a62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oI9d1XCPk0E7Sp%2BmKRWIoTibjgvY%2BSe%2Bol%2BXkJoFJLuJ5IUC%2B1RwmfZZlZd5oexGt2FAGv5XkCXqU3f%2FreA%2B5%2BGqzTdUzjHnf9sqV3k788YBp3Spg1JoVHwy1Q15%2B%2FUYayAXngLJ5ckn5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d42159418e3374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 decom.min.js Show response
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/js/ 45 KB
11 KB 52ms
50ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/js/decom.min.js?ver=1579914584
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5267a7583f77f4b36497b8545c5546b01234801de0d9239dbe7544f2fe5025ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Jan 2020 01:09:44 GMT
server: cloudflare
etag: W/"5e2b9558-b237"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbVZuj8bDmIGEtBPadkRviJ1NgrQdDuRVLJagOI1gSaifI9ni0pcXHZ7EvsKSUNriXmY7xs6hR8ijY2I%2FNbEcg5oqqrZTDvf9%2Ff85zpkxl5lIeUhm3sd7OzRSiIERQZozmJ8tTcJn9329S4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d421594391c374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.js Show response
geekon.media/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 71ms
66ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 23 Aug 2020 18:25:08 GMT
server: cloudflare
etag: W/"5f42b484-3719"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0ldMvAyt8sPGYtzYUwWkHU41UDhfyujER5QUauLPdxOZ6ChD4%2BSiAvx1CAPQPOmSVrjPFP7opii3P%2FXeoiotajlIcFe0HOBuBpV0VI%2FTKzVtr1G4dNrVDk1HvMLrCLCPJ5RFGq5nBoUA4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d4215944934374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 postratings-js.js Show response
geekon.media/wp-content/plugins/wp-postratings/js/ 3 KB
1 KB 212ms
206ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Aug 2020 18:26:01 GMT
server: cloudflare
etag: W/"5f42b4b9-d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSomTDpshT0y3p%2F%2BUm19f%2B1qGjJkAxV8X1YatFF1WfkCXbXM1LQl5Q4A%2B9L2aEI7yxrgxfwZ20npbK30VoeOXifFLuNKC7CC%2BIDSVnL9x6q8oJzuelQYA8kW4CLBFANpbyj3WDCScZuRSCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4215944937374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tagdiv_theme.min.js Show response
geekon.media/wp-content/themes/Newspaper/js/ 214 KB
52 KB 306ms
299ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=9.2.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecfe5fcbf426c2e96e9bd14c5577e88c9f6f615e7b6d2503da491937a7e170d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 01:10:48 GMT
server: cloudflare
etag: W/"5e2b9598-357ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BIVupZpDvIBFZZFnyQig2RSuBinXoPw66tXjGxXpv%2BbJMi7Kdcbwbo8STq5zyeYo6hpbG%2FyE09DgxGT6j7OzmS%2BwlCGNzt8JUbBZDI66112qQkh%2FONqInukdrq4U9xrU%2BiDx7T89%2FiRx%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4215944939374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 comment-reply.min.js Show response
geekon.media/wp-includes/js/ 2 KB
2 KB 52ms
46ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/js/comment-reply.min.js?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 May 2020 17:13:43 GMT
server: cloudflare
etag: W/"5ebd7c47-974"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvoTHj6DrzMN%2BHuNuZbSs1oug%2FtZDGcqAfLAjCZgKGzPHYKzkQ50P71j%2FT9zPRWNSAGYD9UzgqC7ns4iJxwdHW0D1LiNUl4%2BPJLV6w%2B3Wbiv%2Bu4xvZD5lr%2Bhn8eiumxNFkhybhMuXC1cMwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d421594493a374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 q2w3-fixed-widget.min.js Show response
geekon.media/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 214ms
208ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Apr 2021 15:40:31 GMT
server: cloudflare
etag: W/"60843bef-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyENXqvIHstln0cidWKJs2ADnf2zJP3Zu7JIcGxZGF8ztEmpFJzj5olgCIxRDzf7Mo4P%2BlpmKTlUy7FMySYWKJBhMd5oxae5W4lF1l942QhtzxBDCwxnyr%2BqUG1IdU%2BqzFfQKdhSP0N2d9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421594493f374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.fancybox.min.js Show response
geekon.media/wp-content/plugins/easy-fancybox/js/ 19 KB
7 KB 214ms
208ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 01:09:45 GMT
server: cloudflare
etag: W/"5e2b9559-4d4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsml7%2F7GWeWufqPl0lzRfzCzQgGatI7z04dYeszy6yAXOh4XZnei6C7hemHrg%2F6BLnE6WYiXtT0zKssdQiqM2A7WFC9%2FSXsFqli5prQ4E7k5A0FtHx4p42%2Bz%2FbZcUG2ta0TcJjsgd%2B81%2BS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4215944942374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.easing.min.js Show response
geekon.media/wp-content/plugins/easy-fancybox/js/ 2 KB
1 KB 71ms
65ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 25 Jan 2020 01:09:45 GMT
server: cloudflare
etag: W/"5e2b9559-8fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEB2xozgIbWKnkXZuvrJ%2BXTYahEWgIRJRP6EkC4Wgcx51Av43pGuSIFeNxH3jotx5CAO3yjfoVRyHaWuSgykYOTb0mwdRV57a6Y8g52qgF%2BF%2BNskqWY4Htgp6T%2BEIPisCKMfqyLB3mz85yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d4215944944374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.mousewheel.min.js Show response
geekon.media/wp-content/plugins/easy-fancybox/js/ 3 KB
2 KB 191ms
185ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 01:09:45 GMT
server: cloudflare
etag: W/"5e2b9559-a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rSnppZI3GrdpHmXxmGN5thb%2Bbh25FXTaMicpnLdvjXCXWFzrtkey4OwMJqkihYABOW8VEbZlaxg9tPywydpWheIsODJGoBA6yfwhyzsHDJZ7EMmzmF1vTJhFx1IRwBtqF7RKPoNLuALZGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4215944945374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wprt-script.js Show response
geekon.media/wp-content/plugins/wp-responsive-table/assets/frontend/js/ 173 B
700 B 72ms
65ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/wp-responsive-table/assets/frontend/js/wprt-script.js?ver=1.2.6
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Apr 2021 15:43:07 GMT
server: cloudflare
etag: W/"60843c8b-ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ona9oB2vyfsvOlYzKlY0s4pREFbDry1yDrjbbatp6W4abfharLmfIGralvo0CyzprM%2F8rWUeQXGfWg%2BIJU65bu6CD9zOitQLZc4dRDLW5ZP18hZrvkg1LSMNdpzMjSrKfB8fcp%2B%2BqrNZCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d4215944947374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-embed.min.js Show response
geekon.media/wp-includes/js/ 1 KB
1 KB 72ms
66ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 May 2020 17:13:43 GMT
server: cloudflare
etag: W/"5ebd7c47-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHmIAOSU8Rx1v2fDGtoC21r%2FO8%2Fs7ktteomDCzR%2FCkGJfYkJU5yhctO%2FAWC6YmB6HfA6WLoxRnRuGBu5KiLu7mt%2FRwa5i9JQu1K%2FBKTEPpWBNQUWGc08SMtHX1xDksfmSHgLcBLaHsd6E9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6d4215944948374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 thickbox.js Show response
geekon.media/wp-includes/js/thickbox/ 13 KB
5 KB 211ms
205ms Script
application/javascript 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10446fcfc406f1ac6ebbe55503d7f9ba188635b31559a5ecd38cc2827aa0c131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jan 2020 19:07:58 GMT
server: cloudflare
etag: W/"5e2c920e-336b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItuD3nmH4wgq3KcGa0iMAcIlGpY0U7D1nR6sl72rYp%2FKPJdNCNefBNMAXCYcPn32tEVOnxU405o2k2u2%2F8%2BRaKm4KMFlL%2FNQ39llF%2BNiYzIOgs0ZwF5A0ia1uK%2BOUebS9EeTnR91Xshuino%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d421594494a374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 newspaper.woff
geekon.media/wp-content/themes/Newspaper/images/icons/ 22 KB
22 KB 238ms
238ms Font
font/woff 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/style.css?ver=9.2.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

Referer: https://geekon.media/wp-content/themes/Newspaper/style.css?ver=9.2.2
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22064
last-modified: Fri, 31 May 2019 08:07:52 GMT
server: cloudflare
etag: "5cf0e0d8-5630"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asQmIOjfyyxwkOQSGLHUYoBKkj006Dom2xkA5WdxQHWKpiVfyEL7rNwHW%2FZB7UpS61mdGFShDjfl8qqueeDPY5XDPsqOUU%2FeTd2UtQYe%2BTobw9jifcwVeFXqZWc2GL32CFF6D9x72f9INJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421594498e374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 MullerRegular.woff2
geekon.media/wp-content/themes/Newspaper/fonts/ 24 KB
25 KB 203ms
203ms Font
application/octet-stream 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/fonts/MullerRegular.woff2
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8af0e93629f9ef52a54184edc3ab7fe7ecee775944cfa56a8d5fa0ecce7b650

Request headers

Referer: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Dec 2019 10:04:28 GMT
server: cloudflare
etag: "60bc-59a8462d46300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQTa6OI5REoFCfOz2D6pz%2B1Eyxg1eFT1%2FU673YOP0HDv1yUiWO7kyMK%2BC8Tk08L%2BfQ88%2BSyfCgpgQyOwEsj12%2FvrhFPYd4pgIyyUaZqdhta7ZEtFTr%2FUfffDNM9aHdgKMe8bHljfnl9cpXc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4215944990374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24764

GET
H3 200 MullerMedium.woff2
geekon.media/wp-content/themes/Newspaper/fonts/ 25 KB
26 KB 251ms
251ms Font
application/octet-stream 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/fonts/MullerMedium.woff2
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610fbf508567cd9403e18f32e675c983437cad963561734d8dc5bee4328a570d

Request headers

Referer: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Dec 2019 10:04:25 GMT
server: cloudflare
etag: "63e8-59a8462a69c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaLqKIcE95j2mZsgT%2Byg8DfZoxe4z0y671qAAqh2TQNAwye2dB3Au%2BpRPVTbWegP8BZyAqcdzSsRTlu4dVeBU%2BnNiiX%2BgwWbG7LkR5gSzqNJnf%2FcvFEUap%2BXrNvxJQAn9%2FvlYTj%2B5Uax4%2Bo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4215944994374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25576

GET
H3 200 MullerBold.woff2
geekon.media/wp-content/themes/Newspaper/fonts/ 25 KB
25 KB 249ms
249ms Font
application/octet-stream 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/fonts/MullerBold.woff2
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4d369ad502d8aac611cdff9e981b5c272a7d51d3a8563a3de739214cb2cc85

Request headers

Referer: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Dec 2019 10:04:17 GMT
server: cloudflare
etag: "6310-59a84622c8a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7xGNtOqW9zOINwYIV7yBuQRIVYzrYJz%2FgpfHEO9t5hCMjJfTQ35K%2BSGtyP1oE4NcdkVugEpXAbH2uqLV4pkEsxAfHaHmp4ayhQ8vwtrJP3wH5uNOM42J%2BsPmWxXsAF56ZZ4LoKH%2BAEt8wk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d4215944997374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25360

GET
H3 200 MullerRegularItalic.woff2
geekon.media/wp-content/themes/Newspaper/fonts/ 26 KB
26 KB 189ms
188ms Font
application/octet-stream 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/fonts/MullerRegularItalic.woff2
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cdc8ae6b480c6e657706f495ea237a65a8142a7eb93f182e6fef34cef7cedc

Request headers

Referer: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Dec 2019 10:04:29 GMT
server: cloudflare
etag: "6730-59a8462e3a540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBMBRItGdeN6i%2BSwDl29zRuuNEdptifQ7OQLsY1KdWWhxAKs6zNv5nJYBQNNDZcamJXz%2B7RA1bQlazj0UJ2%2Bu%2FrES%2BGglBDT3DUD20trBRFzKEy8k%2FPzYo%2FNr4ywWbVV9ikbALOEFM3f9bw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d42159469a8374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26416

GET
H3 200 quote.svg
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/ 29 KB
22 KB 31ms
31ms Image
image/svg+xml 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/quote.svg
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fe702dfed504dfa10cdc36a0fd1c2ce1a72966d4af68e91c5d27e96a001192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6810759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 Dec 2019 12:42:01 GMT
server: cloudflare
etag: W/"5e05fc19-7368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zpF0a3ZPLlC6y2fc75uZa3ilsQ5GujxpXKaVXqv6SBx%2BycnjfqIJ30B3nv3tc4HsqUVLcAOoM6yUD2MO2BykoLZ11qkk89EWxde9WhX0KV4YxYdggyq6lIp07u4KlfAgHqzCHQuZvWxbp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6d4215953bad374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 socials.png
geekon.media/wp-content/themes/Newspaper/images/ 3 KB
3 KB 178ms
178ms Image
image/png 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/themes/Newspaper/images/socials.png
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a09e3d2b10b297e7d149896bed655fedcc7821241dc982e5b5f3c167fc5ad6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2846
last-modified: Wed, 25 Dec 2019 18:19:27 GMT
server: cloudflare
etag: "5e03a82f-b1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsz62C5k5EriuYhA8sizaiIcrvKbBMyR0g89bGLRVcUFEpIcXCH4dD657kuyEvd69f9L2vYi0%2FErkMFH1ZCegL9lsGeOfFP0mx8LkO2pgFYT1%2F2vqmo%2BejpubNU0hyzloOnMMU2NBgX1MDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215954bb9374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 deco-icons.woff
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/font/ 3 KB
4 KB 107ms
107ms Font
font/woff 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/font/deco-icons.woff?7h65ma
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df07c2745b1d498d6464be053c7bd9fe4fb9d63ccb657156d68b6a3e0b070aa3

Request headers

Referer: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1027159
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3284
last-modified: Fri, 27 Dec 2019 12:41:50 GMT
server: cloudflare
etag: "5e05fc0e-cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZRB5aaGdoitYN89N3l%2BINaWrplW8hsh89CbrprtbfBKPszkd%2Fnp2qdUAr6hY3IKrZJ94IHSLEZHPiIgJ0EPHfhtoqs3dIPXlyS4cu1u6Uk5wNRE5rxC3IXETRIWNBzaUpuvtUI2rYTpG60%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215954bc0374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 icomoon.woff
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/font/ 16 KB
16 KB 288ms
288ms Font
font/woff 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/font/icomoon.woff?7h65ma
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89be859523dd7757062c344cee7e48da436b40757aebe0482d834354cd9791d2

Request headers

Referer: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/css/decom.css?ver=1
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16116
last-modified: Fri, 27 Dec 2019 12:41:52 GMT
server: cloudflare
etag: "5e05fc10-3ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJNLVeAVQGT9drWg%2FGZOnfHt14SF2txlUNfo7chbIGFyL17Pr%2FwDTZd6Q13RjZSx3xte1qW8XQK%2FDOpM1bJnH3l9%2FROR2udgm92wZaOkD40BUpmhQ4an72Yu5ZIZY3g3ZoU9IFAyLrsoolo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d4215955c00374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 283 KB
102 KB 52ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3652607746689866&plah=geekon.media&bust=31064215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3652607746689866

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76efe2381e5a0ec58e898dfcf7036d98aebf28a5e05471a4436c4452b142f39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 7895866309259140906
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 12:46:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/ Frame 8412 10 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3652607746689866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 26 Jan 2022 15:59:58 GMT
expires: Wed, 09 Feb 2022 15:59:58 GMT
cache-control: public, max-age=1209600
age: 74793
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122658051-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4297
date: Thu, 27 Jan 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 13:34:54 GMT

GET
H3 200 rating_over.png
geekon.media/wp-content/plugins/wp-postratings/images/stars_custom/ 2 KB
2 KB 40ms
40ms Image
image/png 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/plugins/wp-postratings/images/stars_custom/rating_over.png
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d2478b1333f250b83787334727bc128213f49af1426df8d89838e0bd93229f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1791
last-modified: Sat, 28 Dec 2019 08:55:13 GMT
server: cloudflare
etag: "5e071871-6ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPANrV7U9UCv4BFVUVf%2BDeg2woo0oBO40YfiuCVpyPesqLW0nSsGalLW5xl7o6PEGEUjlqjkYZP3yc3vt2Hz1n%2B8TdvMdoWEJ2Z1BjMfDWsjpS35LJDCWf7BJR6%2Fmv9Cd8iVWdAo0MDUHSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d421595fd94374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ff715997f5e5b0f897ec.js Show response
yastatic.net/partner-code-bundles/53141/ 13 KB
5 KB 127ms
42ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53141/ff715997f5e5b0f897ec.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bf7c58aa03802af086dc6186e82e2d441644d2cbfddabc1b182fd1f6810eff77

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://geekon.media/
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Wed, 26 Jan 2022 20:53:30 GMT
server: nginx/1.17.9
etag: "dc4ae15f33341c5a38de78246927df9f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 19:21:22 GMT

GET
H2 200 3ad9ef7d60d366485127.js Show response
yastatic.net/partner-code-bundles/53141/ 80 KB
17 KB 165ms
81ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53141/3ad9ef7d60d366485127.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d7cef3a5dc9539e23338f326921b9eede981a037e9cb0bce5b3c230800e2254f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://geekon.media/
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17011
last-modified: Wed, 26 Jan 2022 20:53:29 GMT
server: nginx/1.17.9
etag: "5dbe053362e5ae0b41154f5ed9a01182"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 19:21:22 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 218ms
136ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://geekon.media/
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 19:22:08 GMT

GET
H2 200 d37eaceba9eaa45c4e55.js Show response
yastatic.net/partner-code-bundles/53141/ 588 KB
121 KB 176ms
97ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53141/d37eaceba9eaa45c4e55.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

06f2e8d882c079e05c45bea1965e079d085cdfb732e0a827ddbdd3c1cd6aea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://geekon.media/
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 122946
last-modified: Wed, 26 Jan 2022 20:53:29 GMT
server: nginx/1.17.9
etag: "e8083b443cc2df0d11fe6af2228cb153"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2052 19:21:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
15ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=243060066&t=pageview&_s=1&dl=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&ul=en-us&de=UTF-8&dt=DriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1528671879&gjid=1872441461&cid=586390742.1643287591&tid=UA-122658051-2&_gid=475277681.1643287591&_r=1&gtm=2ou1o0&z=1071540368

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://geekon.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 67ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=geekon.media&callback=_gfp_s_&client=ca-pub-3652607746689866

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3652607746689866&plah=geekon.media&bust=31064215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ed7e179256d13fa36b34866defec818149c484ec399dbc964a1e921bb81675b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=geekon.media

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 51ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=geekon.media

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&tn=DIV&cls=kc__wrap&ign=false&pw=1600&ph=1200&x=0&y=139.2

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 37A6 182 KB
48 KB 458ms
443ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3652607746689866&output=html&adk=1812271804&adf=3025194257&lmt=1643287591&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643287591294&bpp=2&bdt=478&idt=124&shv=r20220125&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5414513662409&frm=20&pv=2&ga_vid=586390742.1643287591&ga_sid=1643287591&ga_hid=243060066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064215%2C31063911&oid=2&pvsid=3213485485922822&pem=513&tmod=186438183&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e35925b79830e45ff706c84562c8e39020f184dffc6787f26de5d43cd2785c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 Jan 2022 12:46:31 GMT
server: cafe
content-length: 49257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Jan 2022 12:46:31 GMT
cache-control: private

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 198 KB
68 KB 165ms
82ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-10e38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69176
expires: Thu, 27 Jan 2022 13:46:31 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3652607746689866

Requested by

Host: geekon.media
URL: https://geekon.media/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aa863e38d97e51e8365476e0b1fcc9160462051cefea418bc70e43e0f69e249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51937
x-xss-protection: 0
server: cafe
etag: 1260877371313358783
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 12:46:31 GMT

GET
H3 200 MullerMediumItalic.woff2
geekon.media/wp-content/themes/Newspaper/fonts/ 27 KB
27 KB 153ms
152ms Font
application/octet-stream 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/themes/Newspaper/fonts/MullerMediumItalic.woff2
Requested by: Host: geekon.media
URL: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7cf7b06f0056598cd47860559f77c3b7ae205163759ed83b359bc1775b20bb

Request headers

Referer: https://geekon.media/wp-content/themes/Newspaper/geekon-style.css?ver=0.0.3
Origin: https://geekon.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Dec 2019 10:04:26 GMT
server: cloudflare
etag: "6adc-59a8462b5de80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PBQLnH298JtMEtDtK416hRNg8%2BKV7gUJDbsYd%2FEMf5PODwoP7zJGbwE2mRTQLs6b4JOwsKPOMy5bvaPx%2FA5vFJN6pKW6EFGbOx8n2ux0qWWVrI0erMVkYT%2F7Aeg45gmUimjfKRq%2F0woIVw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1382400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d421596efed374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27356

POST
H3 200 admin-ajax.php Show response
geekon.media/wp-admin/ 15 B
667 B 527ms
527ms XHR
text/html 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geekon.media/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=9.2.2

Requested by

Host: geekon.media
URL: https://geekon.media/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70000504879166ec05aab3fa053c0dcf77e669e101118e99e23914dbfdb1ac61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://geekon.media/utilita-driverpack-notifier/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d42159728bf374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uM%2FzImUyidhcpmbVraBxuLFkqh2dmUDJ1S4%2BLWk83e1Se9%2BZpMygt55Yz3MzQQSPV0NNRjBbO4a5eLUfK%2FACx%2F5shNlg%2FKBa0bxJNWz44ZxOvEESvPp1K2sz79SsJNWceijPVTH22I5VcpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://geekon.media
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 loadingAnimation.gif
geekon.media/wp-includes/js/thickbox/ 15 KB
15 KB 102ms
101ms Image
image/gif 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Sat, 25 Jan 2020 19:07:58 GMT
server: cloudflare
etag: "5e2c920e-3b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dlgs4bdwsNMjaKOIQ1iRDO8y4X8%2Frx8uakJvVBYP8PMZY89WxZk%2FmnmFI5nLCvM6y4FQFYlGCa00xyu9PLRE7Dw8MZjK2fXYuuoQeeCFlXzZjZjjAPHfN1t%2FqbZ%2Bs7skNwEH45UsryW83KE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d42159728c3374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-122658051-2&cid=586390742.1643287591&jid=1528671879&gjid=1872441461&_gid=475277681.1643287591&_u=YEBAAUAAAAAAAC~&z=378915396

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 Jan 2022 12:46:31 GMT
content-type: text/plain
access-control-allow-origin: https://geekon.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1340070 Show response
an.yandex.ru/meta/ 15 KB
9 KB 294ms
210ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1340070?target-ref=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&pcode-test-ids=466940%2C0%2C29%3B493330%2C0%2C58%3B496141%2C0%2C37%3B487926%2C0%2C45%3B492125%2C0%2C1%3B478504%2C0%2C2%3B406668%2C0%2C47%3B499070%2C0%2C60%3B204298%2C0%2C51&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22494893%22%2C%22testId%22%3A%22496031%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22SHADOW_ROOT_OPEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22476923%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22487852%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22466940%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487926%22%7D%5D%2C%22SMART_BANNER_ANIMATION%22%3A%5B%7B%22value%22%3A%22disabled%22%2C%22testId%22%3A%22492125%22%7D%5D%2C%22GRAB2%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22478504%22%7D%5D%2C%22GRAB2_SIZE%22%3A%5B%7B%22value%22%3A5120%2C%22testId%22%3A%22478504%22%7D%5D%2C%22GRAB2_TIMEOUT%22%3A%5B%7B%22value%22%3A150%2C%22testId%22%3A%22478504%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253141%22%2C%22testId%22%3A%22499070%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=KjhN4lSiTwlDdLuu9BgzSoWB2r17t9X4hN4VBxhJ3Qss%2F9MKVGxohkxDamBt54uVNb7oKZgEkB0nhqYTZ%2B%2BdXdqo5zE%3D&imp-id=9&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=504177620942850&ad-session-id=8611761643287591534&target-id=15446099&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgeekon.media&top-ancestor-undetermined=0&pcode-version=53141&pcodever=53141&flash-ver=0&available-width=838&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A838%2C%22h%22%3A0%2C%22width%22%3A838%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A182%2C%22top%22%3A294%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNjZ9ChqjpJDkuGmBMFBXGqz9V9puaeomr5s7tslMJ2LmnMMnotP572WbtJNUNtknsjRl2LRNnPgNO8RmE_ohcsIx08-wdFrXLl3WbgX0G8BljFYVURFRWdFBs326mZtWVEUVK1asGIMYreKBIY0QxVKkiZq8Az3wIsoolqLobLhsYg63s4G4AHNwOeLOwWIj4HA5-A9MzMF-AMXMncN_IPidTcTBe6BxOAI2MRs28wpgw-UIOdidw3s5qBweRwy-jgODQ_CyXDaCh_z5ETTICXt--Q6-lgPDxJbwYACWTfJQiJ8rLkd0y3eOoK9ogufipTubxM76C4Ry0MHMb4S8g0-j9BQhNY0yTlTUNF7khTE1BB01DeMwSKOIvaTLE0UMtl4V-2ppJPOiQK7v6kDuxXIPbH12uGl_6gjZJBysZ1n8qz53bFg2WvxyeBych_UAC35h_Jvkzk_wewlM1L9R4R8FuS4fwl2E9xzCuqm8OKwHUHxQL1s3oRctHp5u_tznF4sNmw3ywxeeQKbOAcAn09_7ASF-cbBcyE9k3Rzv58zfVUoKIQlCyY38OQfh2__3-L4_nvtswob_a8Ldpfh1B8EPZ1l5OSEHysuKmfSM1DSMQzSaQEXa1WHi-2DrZYHvpV6skIWJF6eqmDKRhF73IzlFGDeA0xPcD3ikSnUotQwoqzxlIFUkXup7iVyVSFX99wojL0lVu4HsN0jllUQpwkCThKkmDB6Wy17llarCpkLVyZTRSytiuaR7qlQTIIxVaZiQBhJPT02jihAt8LrAC1cEmuh3vp5OInks1ZvFP6-pH6ijJPRTMmkiYyX85XxZIi-lRj6NnvkKRfIzOwCcMOCgAEbWow0DP9ZX0YwsJvaYsE5DEppEK34iO8UXG0a3-3fXldqGO2fbk25SgNuWOzzI-76yS1QultifABTdBTL1SGVx6iUIA3mgIC1hBBrEsdpL1d_JFIH0u0Uilf4221BpIlfHvhdISwHKxE_VyihUvdASDj09Pd23JdVQlSoOYwUVWeQpqXyJ5oRSMdx8ShqEkZw8PZHHZkLpXTc6BYJNuBR15vk8W0cL7YraCyN-DMZ9TEXY6jT_sdXjmweQaCUIzeP7AW19JLiqftA-AKFzYJoFQr9i99zA2Xqc5Vj8HMO5SnkcmyUAeJM2N132RS8W70mRu7UaXoNWbIYW8M8a3leJDGtAYBNuzhVNZWHBK8ypXU914VW7XwpkNigvSGiilq185NkBvjHLfS6vvgnyFALxR0J0NaxgnlESQqoGw6ztdFrULNpOh-G2A7AniEvTCDZjg-pSCL3tlm9XmNvzPFv7mQVC22z43fzLEwLqhkbPgBIValYz02J4ZiBuzfwuZzk9CElfelb0RY3BFsfHaHFtAt3_mi3NALLP9j8pG_Y18zxs_FwdhbmdSnJ4j7WYorVb4R0usFkJBel52vdqa0aX2u3y7rflZTFHmfMM8pwfJ1K1ctPRpT_zd1dJA1mqCsjkTdiLv39r4v5g6Y25sCWYnOhILtvXu0nhCZp7mJLDt-UAxmObJZU95Td65vLetYulK9kdwHyP9JMBqm4ownsqbEtRSsLwIHT_ZuWWyveksadWUhm8Sle6ZEcakHUTy1aoHpYmqbvRGy7nyxYCskhFEXvGo7GJcli1n9-XbgL3WPmUKWI_jeWJJoxVevsh5m_awb6HsPG8cCN_bHNrgfS4nWBb6yNGkv2uH-fD4EDDWFOxpvUS9XYSZJOyhc-OdjJ071zXhBfiFyOyXq8qLA0DiuB4P4DSCkUF5INtNTmptRA2Nit0I7jBMl0ERJEv-cuijFSqWK6nBg100AEhkPcWoLTbxDzxXjuIDdARjlNjPGZzyLbCsPY2c9mgsGEzubgrKQnUXnkoWTUssPii1GB1GX3A5RfWhUNH2w0pCPFpcvkylYT5vwIRPjwGd7lvabSL4QkFTu-wV9doBdsnhqjpqcQXtSg5acow0Wk8uRtEZKsiZOagW3ylrVsbJS0MFqCtnS1ucTOWrQixqF02F3NNQnaonxcpaaqWShSa6kUvSaiU0l98eUlXNG5Ni3_eCFIzvsM4xMahpv1e5-cp01w-1-fhHGS03TosU0_7FolE-iUgjO0e0XGerqt08eIC6XuJJ_FTmUQTRr6yW7ykhymHyJVPPXkShV25tOkVn6UyaUAhTRR-9xKKb7gEMaJYmpgofXy7SXeAtsisp-ukdLYRNRjoddrQMCp19uUTiacMpOeo1GdhLLMvraHmABRHdOEEGwEKGkZNq_w4Gxyc703ARlDmzQZsKGxMRkfLHDGSq6moGp4vcgy5eqjTT6JSAtre1ivKUNf1sc7-aVQncTWmfXuI-V-y5s51Z_aMcyJbUB6qBjUaPRAsOMu4GXLlq5wlmUzq2X1hsifg3uj9e7Lh9eWPV50ru8dx4vhBRP_m8dhE_ZPqeEw-XHhRzifO9Kes6E-mzgEMuq3850LpG01jtZAPt7l6f8s-7gvx7i0cnoXXkb84KOvkJD5RvUFEdJ6L8XmY-dxbArsDbCT_TO-fP2LN_ftuhX3bGCpH-GdT9vhSS53r-e8X7c0pa4DHuAl-KcMdzLsyjcJ4J-TX4jVbNw8Tu_o6-HjT4JnxsLCi_9bivhTgH03QZDkH6YJsdxD96zvhh8zl9bk5CYeIdk2RS-__WMz5Ru_r6_9lnoAaqXGXiK-BMmQFspnOdVI4O8XGs2ipKFjHF_E6p563Pddw6kpDBBkCegzXzNIoVmgQ7iH-UueQvKBh3dZE66BL2fCvNX8xQnudH_fZUtU2_D7hoKCN9nNa7SUm-zVlzQ7ecot183yg2bBqgF_03wdoUGYmbgW70Z5RF_7217n__k5dJMbtyJAEYKQPB86LJ2gVG7xbbfHx8wvEKeYcHrjOahwYz2olCJzb_HZ8Bta-StwcI0coM-hbgbDEBdmtD5O7VU7YSiZ2X7fGOeb2ipXbA64cx3H1Fedy6m6CfXw3Dyz2tui9iueKoPbPmtfmOH1vINiJipj7ihevgwdvHVuwBmfiLP4ZPFxSlLtlS-gWoMfb8MrtxulJvKSHYyG1Ixz8DeBxfzxE44LgjXmw4rs2OawBdGu7qK5etr8FZ0-HOlAu9Yj6j0XYFm4TrmV77gCoY2yf2tloznhYfvPxUn-5v047ajrEezzfdBuGnMbgbxXc9MVcTTUc6FeBeLccyTjrdudWJ4SN3HkuCRJdm-c6OlPOrwLyzJn4h7PMb74VDa5-nL2DWcKcKV_fwNtpnO3kMI9TVg84b0vS0XfCQe4W6UZWbeI7Mbwpe88S1s5NZvsNoR9rKNo9vkYhBuTOAYhjYJjcwmhKZ2uyuQq_ki8CdzrkZmLPuQu3peaa63QMV9qR9w0Qcde1emYG7pSOooqvSwm3KEsnSlhbZEoSyU7XscA0nPv5m6kd6MtLaH2vLNPOpF_ItlF08MBAigTcvP-4ztPZ8ErFUwxvYUNp9Xdn9BkOgKZllppbkGxsDM-4JZ9wN0FMcb6Ku-_1LvH1m-00Ym30QbQdh2C-__jnc7mKyJ3NFp0t72J3vnPH11oscrNCtUku1us_70kIRyC4yxDsqVUnMYvhH-7J4Mbf9Lmvfk3x1kuobXWctdXZk-HcTeHSVNSqIm_Gh-e-tMG62LvSltN24dnwf0r5Pq8pYg7WlxhrvqkZ3jLB70hbNgDwu7RtWoLBdoc3cLb9ecVMjiDOsMY_3Jbvy8ORZdqHPlj7ucar_IhmHDdU7ElNJK36EbslqGYl_u7R_pKoeWXwJpPnsSa3-ZhFFTOZf_d2uvkGFkzZBv9Awu6bhLfGCyaDQt0QbxvbPuYJk0fwZOlNo8akWFkDccsyXsEed5fj7feaK2Zlt74Z28ocwE-9POeVNXFCN2PfltDRqJK8bGC3tD8PQDA4wP3pV6Tz52T7f41Ps1h73NPw_4tN78PwkHwGsCi9chdTVQwqMIhkYXU3A7STO4xAa8OZ7zuRvHDxak1UbqYX1IjYVrDARAFkpOPY7oAUhbHfwUNISwcukLOVArxWhOjo0737xE5Wnrt_x6ulTXCdwDEXstQMzgFsAce0H5F7vXFq0rNVfRDs7fpMAHW027-oDgV4tSeHjHakbCLwaWTSmDqRycgiIDGpZeFz9oA4vQHCVm239uc3NbWMndb2Wn35mLhlWZczvOmxlf9jxFw5FF_2h8GB2XQLiUe3EKuVWdzycTV-P5MXWBjT9wyQO7MZbt8eL__yZUvi8diaQ-UxfV72h34rtoCT91gaTlG27Z_mvvC6ynEWY9mJZpI0t467vqL59Wss3nBjyHFz4lTku9wI5vHO-tsBd8hgzVkVFU5qIYo-3g7ci4_rz75pmbHEHLhW4LGXgadCy-5mLw1lEHiOV299lgO3-npkVVIaqwPFeiT1oyY-kXGrNm7Av40iCcsATTQXfKL1sjIK8_bQ7Vb79325q-4bgBNuDbgkchDOgcPCVK0YCVhIs6e5urkJvmLC2wgBp5W0Ya7hhzJNXIsizyi7tqMuXPxqdR8vDIBDCvTUjdFWd9pVglqsQdCCWNjIMfUvLumelpTeBEeaeJGcwkje8YjBaEEqf0-x4z5EYczgQODbuGnw0khOGeinvre_P3xwz9N4kTMxC2v5Mu8rE2msN4bh7AF9_PItB9dbP4cS1HU1t7DjIlOSvVkfmRaWLjtwkwbcMfhUTTUSzwvWAJqTTxH7paQykavCMVKXQuLUixHmTfYj_DluEkhOkH3GCaRdVB57ZIGUvIRNmahjTRCQd3kQRhRKbxwK140QkTGPLPKmXkMchuMwvvcPMdhFRK6nNtnWMTclTssEEqn6DE6LaV3D3xWk425MtVa8L5OEidRP_Vi9GhRF-8jMmvgvJhyDWgSkiqGdCHF-6viFeBuPrB_MNV_KcltQrYoKVSTPK5BTKQKVJIypdE09bwGvxrZEHimS2-XsoWpyG0Rrx1F94YxWx0WWN7aunXF5c42rpruCLJAj_lHZkO0bo_I3RrdvcWY_SzFCdSyVPR4rbnnfSrGarvk03GswIygO1f1yUfOp7lHI&uniformat=true&callback=Ya%5B2536022713081%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

fc96b73af1f0dfc834fe25cd1692b6d31694e4f5e857b5ef022c4511d1c6c11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:31 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1643287591687267-225976582801924979000254-production-app-host-man-pcode-52
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:31 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9531.NLRclQ4nmVICUCh_DRzqeDAbkWp0Pc-7L6y5WaNvq9QGGO7OZ_H0p-VMXT5q33mg.dsZ1UpNoyikUwHnhtx7FEWRep8I%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9531.JPVCWcZFbL_UPdpgy9_A87zjK4w_MNOvXVNlU3fn_UznXonZDCg7sGSBzvQcO8v_AypOyRlj4nTxo_T7MM0cvA%2C%2C.ZoKacRhOvAAUQjIEdvMKJ1Q26ac%2C

75 B
75 B

41ms
41ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9531.JPVCWcZFbL_UPdpgy9_A87zjK4w_MNOvXVNlU3fn_UznXonZDCg7sGSBzvQcO8v_AypOyRlj4nTxo_T7MM0cvA%2C%2C.ZoKacRhOvAAUQjIEdvMKJ1Q26ac%2C

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9531.JPVCWcZFbL_UPdpgy9_A87zjK4w_MNOvXVNlU3fn_UznXonZDCg7sGSBzvQcO8v_AypOyRlj4nTxo_T7MM0cvA%2C%2C.ZoKacRhOvAAUQjIEdvMKJ1Q26ac%2C
date: Thu, 27 Jan 2022 12:46:31 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 41ms
41ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 13:46:31 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/56623264/
Redirect Chain

https://mc.yandex.com/watch/56623264?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A117...
https://mc.yandex.com/watch/56623264/1?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1...

350 B
432 B

42ms
42ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56623264/1?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1170%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A838170811120%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A663521633%3Arqn%3A1%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643287590054%3Ads%3A13%2C66%2C679%2C5%2C%2C0%2C%2C652%2C47%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592%3At%3ADriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0e652b42516f37af34e2ab1859e3b6c833aea6bbadc43747370b82d1762eccc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 12:46:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:31 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
last-modified: Thu, 27-Jan-2022 12:46:31 GMT
location: /watch/56623264/1?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1170%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A838170811120%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A663521633%3Arqn%3A1%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643287590054%3Ads%3A13%2C66%2C679%2C5%2C%2C0%2C%2C652%2C47%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592%3At%3ADriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:31 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 138ms
58ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geekon.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 12:46:31 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://geekon.media
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
373 B 39ms
39ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2 200 1340070 Show response
mc.yandex.com/watch/ 167 B
229 B 41ms
41ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1340070?wmode=7&page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A1%3Als%3A765585687028%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A844038157%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643287590054%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592%3At%3ADriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&t=gdpr(14)mc(p-1)lt(28000)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9e269ef515e8df8e845b1358f3cc974ee1a7c76cd391af720b9024f784973f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 12:46:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:31 GMT

POST
H2 200 1
mc.yandex.com/watch/56623264/ 43 B
73 B 42ms
41ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56623264/1?page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A1%3Als%3A838170811120%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A289394770%3Arqn%3A2%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1643287590054%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592&t=gdpr(14)mc(p-2-h-1)lt(28000)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228611761643287591534%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
last-modified: Thu, 27-Jan-2022 12:46:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:31 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame C311 24 KB
7 KB 113ms
37ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

server: nginx/1.17.9
date: Thu, 27 Jan 2022 12:46:32 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 27 Jan 2052 19:18:32 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/protected/ Frame 1860 24 KB
7 KB 124ms
50ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name

Value

Content-Security-Policy

default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;

Strict-Transport-Security

max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

server: nginx/1.17.9
date: Thu, 27 Jan 2022 12:46:32 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-security-policy: default-src 'none'; media-src storage.mds.yandex.net storage.mdst.yandex.net; img-src 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru an.yandex.ru data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' yandex.ru yandex.ua yandex.by yandex.kz yandex.com yandex.com.tr *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net an.yandex.ru mc.yandex.ru yastatic.net; child-src 'none'; frame-src https://yandex.ru https://an.yandex.ru; connect-src storage.mds.yandex.net storage.mdst.yandex.net mc.yandex.ru yandex.ru; style-src 'unsafe-inline' 'self' *.yandex.ru *.yandex.kz *.yandex.ua mc.yandex.ru storage.mds.yandex.net storage.mdst.yandex.net; font-src 'self' *.yandex.ru *.yandex.kz *.yandex.ua storage.mds.yandex.net storage.mdst.yandex.net data:;
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 27 Jan 2052 19:20:25 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 149 KB
53 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/reactive_library_fy2019.js?bust=31064215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aef34faec8cd36ab795082058d15fa82b61d96f7d7b070ae90712fc84360ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54134
x-xss-protection: 0
server: cafe
etag: 14792919748187230104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 12:46:31 GMT

POST
H2 200 1
mc.yandex.com/watch/1340070/ 43 B
73 B 41ms
41ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1340070/1?page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afp%3A1170%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A1%3Als%3A765585687028%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A236149964%3Arqn%3A1%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1643287590054%3Ads%3A13%2C66%2C679%2C5%2C%2C0%2C%2C652%2C47%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592&t=gdpr(14)mc(p-2-h-1)lt(28000)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%228611761643287591534%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
last-modified: Thu, 27-Jan-2022 12:46:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:31 GMT

GET
H2 200 1340070 Show response
mc.yandex.com/watch/ 43 B
73 B 41ms
41ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1340070?page-url=https%3A%2F%2Fgeekon.media%2Futilita-driverpack-notifier%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A7oivoclvcqev9drxhj3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A1%3Als%3A765585687028%3Ahid%3A927301556%3Az%3A0%3Ai%3A20220127124631%3Aet%3A1643287592%3Ac%3A1%3Arn%3A709637732%3Arqn%3A2%3Au%3A1643287592599046759%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1643287590054%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643287592%3At%3ADriverPack%20Notifier%3A%20%D1%87%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%2C%20%D0%BA%D0%B0%D0%BA%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B8%D1%82%D1%8C%2C%20%D0%B7%D0%B0%D1%87%D0%B5%D0%BC%20%D0%BD%D1%83%D0%B6%D0%BD%D0%B0&t=gdpr(14)mc(p-2-h-1)lt(28000)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
last-modified: Thu, 27-Jan-2022 12:46:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=geekon.media

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=geekon.media

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/ Frame B755 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 26 Jan 2022 16:12:29 GMT
expires: Wed, 09 Feb 2022 16:12:29 GMT
cache-control: public, max-age=1209600
age: 74043
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/ Frame 07B0 10 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Wed, 26 Jan 2022 16:12:29 GMT
expires: Wed, 09 Feb 2022 16:12:29 GMT
cache-control: public, max-age=1209600
age: 74043
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame B755 4 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4007:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 12:15:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 12:46:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B755 205 B
295 B 31ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 00:17:18 GMT
x-content-type-options: nosniff
age: 44954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Jan 2023 00:17:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B755 604 B
1 KB 30ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:45:08 GMT
x-content-type-options: nosniff
age: 270084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 24 Jan 2023 09:45:08 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/ Frame B755 18 KB
8 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f71615ff8525c5569ded3c8534c4f38aa6c72802b7b224714accd759f95f0288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 9919231309400997276
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:43:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 07B0 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cf-AgJ5TyYeCRHfWpx_AP6ICkoAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NTI2MDc3NDY2ODk4NjagAdW20uoDyAEJqQIjkljJesuyPqgDAaoE1gFP0EV6VbCAC7KIWI68cdqIrmn1gJWrgg1Ux2AgQvPtsb07sNDc03gaiwvNcHN8cIRRYPMnNaqepVs7pFu15TlJXrLk0VMxNg1A7SP6CDdCORWdqH3K4qyy8dpdxY_UhcV0DFo8tGyMRJFoqVurk0Fe_U7yRB1k9IxR_RlLAoFzB3hUal5HV8OQ6Gh9fS9gyunnLhq9eMuKsNqr0fwsZKPqyqaoVeqdkKsUayEXIqRK44RNo7vt-06zbzRebCbBzRCFDK_n8zg_3O_nfpLJioMdD-EXk1aIgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzY1MjYwNzc0NjY4OTg2NhgA&sigh=mED5theURv8&uach_m=[UACH]&cid=CAQSGwCNIrLMHXFmrc6SL2b38vz-JkHZ1t536bT_RRgB

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 Jan 2022 12:46:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 07B0 0
0 90ms
22ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RO0HfJ2DYgICAAAAVxEtykbtd-cQJpTyYdayTDyBU7wg0x0xABI&wp=YfKUJwAHSOAIEdT1AAkAaLikaxRxgoK4cM2kOg

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 219172
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6542 132 KB
44 KB 169ms
121ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YfKUJwAHSOAIEdT1AAkAaLikaxRxgoK4cM2kOg&u=%7CULEqQ6RgNOP5j3M8B7dsg3Z8C4w6l5Rz2g85uuRpjl4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdjddh99QX_IRmoIq6E8e4B6l4znzR18_oqem7VOd7mleG59YdEhRPhTkMft_-H6cnKVcSufIiMRUUK9oFYlF17Ln2YwG5cwC7SGgsW9H6YbyypN37gipGUe6P9UT1M9YxI0d-Cg4PXi2hf31QMQ4X74QZ1Qsg7Ngjmf22HT_dPDEVwO2d-rRDHmXJmzWcpBDwNmULqJXIxsEzt2VrJl_uzb3ozMEyAEYlpman3w-mLNshK4iT0yL1azdtNAkit0J_rwjBaOQfVApj-ugAH9wC8UaKqIJJ5IR0_Ac1wKkDQjbq-MEmtILwZv-DQvfDt41VM8KOQA3O5YKbybWeRF8BgToy0ciRe00JY5Y2abY2URE08FJb4PGYO0mv9bFENLEEkqld3DkUIlJIE8dYBT2oF-Pk7W2TOPDo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJPHCJ5TyYeCRHfWpx_AP6ICkoAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NTI2MDc3NDY2ODk4NjagAdW20uoDyAEJqQIjkljJesuyPqgDAaoE2QFP0EV6VbCAC7KIWI68cdqIrmn1gJWrgg1Ux2AgQvPtsb07sNDc03gaiwvNcHN8cIRRYPMnNaqepVs7pFu15TlJXrLk0VMxNg1A7SP6CDdCORWdqH3K4qyy8dpdxY_UhcV0DFo8tGyMRJFoqVurk0Fe_U7yRB1k9IxR_RlLAoFzB3hUal5HV8OQ6Gh9fS9gyunnLhq9eMuKsNqr0fwsZKPqyqaoVeqdkKsUayEXIqRK48ZPgilqdNKg0KhKz_b8a-iMGKVR-RYnXlsvQzQ7NZ0xF2S9F0U3qfbAgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jRnxyOSXVg23AdbSMPwAt5ffxAg%26client%3Dca-pub-3652607746689866%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d2de46384a29a5ee4b5adfb5d4ca2a24fecc35592d0ae012418763623f14940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 27 Jan 2022 12:46:31 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Ht12U8YxNs9G1sWZE5vFHpJEPhNLNNVIBIYzp1R6P0GE-CkQSGaIOY8mb8Awtj0xcst59BegrIubtUn1dyPxwWh6ymVy1P6uhq4PDaSB9qn6AlT645hnpFh5Yb8eiudvXaBb_HHb10quDQIYF0yEmuWJ_KSz3M1EXBeCoh4OKieBAD-CrzcfCr796j6nrGstpyYPGB54BdnKzbWzU296D9aB8B9-TGLGUrjGQ4uY4MA6-THYm0h4Q0wJztIzcu-EzGNNZQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 101372664
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 07B0 2 KB
1 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:22:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07B0 123 KB
38 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 07B0 14 KB
6 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 1875255482418879373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:27:42 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 39ms
39ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geekon.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Thu, 27 Jan 2022 12:46:32 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://geekon.media
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 60ms
59ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2 200 WQyejI_zOEm0BGq0j1S00000Cvvcb0K0x04n9vJoOG00000upCgZ0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S3HSkW4eF83Y0Mz0v05pGIm1N-u1QW1m0Nq1CW5im7W1NQW1iW1g... Show response
an.yandex.ru/tracking/ Frame C311 0
67 B 62ms
62ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/tracking/WQyejI_zOEm0BGq0j1S00000Cvvcb0K0x04n9vJoOG00000upCgZ0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S3HSkW4eF83Y0Mz0v05pGIm1N-u1QW1m0Nq1CW5im7W1NQW1iW1g0R80Sa69w0i8qKej42f1-opG6hL65u2k0UGCj071E07f0_2a846y0dW0_W9i0c02WY82nAg2n3KCJ2cxBC003JPAhMFrWK0y0i6u0s2We41fxZ5cyF8-kGIe0x0X3se3-pdafJNceQl0e0GujlV7v3489WHWOmUeH66wr6u7eNZFu0K8AWKpGJGsu-D1k0K0TWLmOhsxAEFlFnZs1QofOBkpC7Hmzm1WHS00F0_c1UXmTGjq1WX-1Y06O8S3KXoCpfmSqzEUNfZLpVf780TVw4TlOFq4E4wm3-e7G7O7gs57w0VlwoK8CWVl-xhJz8V1JKpCJGn30088vZRaE1IsgQg1WH4nC-yjH8k3BzaNbIEouVAi2PzPnqVBGPu1W00~1?action-id=11

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame C311
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=df4cef9a9d6d450ab5ec60d0d98b0a43
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=df4cef9a9d6d450ab5ec60d0d98b0a43

0
355 B

34ms
34ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=df4cef9a9d6d450ab5ec60d0d98b0a43
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
server: nginx/1.20.1
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=df4cef9a9d6d450ab5ec60d0d98b0a43
Date: Thu, 27 Jan 2022 12:46:49 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C311 42 B
201 B 604ms
67ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

6jI.p8858vL03LH7n7je
an.yandex.ru/mapuid/dmpamberdata/ Frame C311
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1643287591
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1643287591
https://an.yandex.ru/mapuid/dmpamberdata/6jI.p8858vL03LH7n7je

43 B
80 B

40ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/6jI.p8858vL03LH7n7je

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/6jI.p8858vL03LH7n7je
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 11
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

MWY4WMh_pdKY
an.yandex.ru/mapuid/dmpsegmento/ Frame C311
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/MWY4WMh_pdKY?sign=1135416232

43 B
80 B

40ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/MWY4WMh_pdKY?sign=1135416232

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/MWY4WMh_pdKY?sign=1135416232
Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

M_Ek-TSq6plb
an.yandex.ru/mapuid/rutargetis/ Frame C311
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/M_Ek-TSq6plb

43 B
80 B

42ms
42ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/M_Ek-TSq6plb

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/M_Ek-TSq6plb
Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

kqcOxaNKgtMGAcKNkEDqKw
an.yandex.ru/mapuid/dmpaidatame/ Frame C311
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/kqcOxaNKgtMGAcKNkEDqKw?sign=2354490114

43 B
80 B

40ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/kqcOxaNKgtMGAcKNkEDqKw?sign=2354490114

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
last-modified: Thu, 27 Jan 2022 12:46:31 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/kqcOxaNKgtMGAcKNkEDqKw?sign=2354490114
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 27 Jan 2022 12:46:31 GMT

GET
H2

200

276a5460-7f6f-11ec-9752-901b0e8d9836
an.yandex.ru/mapuid/dmpcleverdata/ Frame C311
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/276a5460-7f6f-11ec-9752-901b0e8d9836?sign=1947975097

43 B
99 B

43ms
42ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/276a5460-7f6f-11ec-9752-901b0e8d9836?sign=1947975097

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/276a5460-7f6f-11ec-9752-901b0e8d9836?sign=1947975097
date: Thu, 27 Jan 2022 12:46:32 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2

200

75YfeGV96GuypmN7zWL5vO
an.yandex.ru/mapuid/dmpweborama/ Frame C311
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=4278350360
https://an.yandex.ru/mapuid/dmpweborama/75YfeGV96GuypmN7zWL5vO

43 B
80 B

42ms
42ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/75YfeGV96GuypmN7zWL5vO

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
via: 1.1 google
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
server: nginx/1.12.0
location: https://an.yandex.ru/mapuid/dmpweborama/75YfeGV96GuypmN7zWL5vO
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame C311
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

43ms
43ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

date: Thu, 27 Jan 2022 12:46:32 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 0bal1
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C311
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=13EAED04D4642436
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=13EAED04D4642436

42 B
945 B

32ms
32ms

Image
image/gif

54.194.244.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=13EAED04D4642436

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

HTTP/1.1

Server

54.194.244.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-244-117.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-095f9da51.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7BPsNtVzTDU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v027-0a9aa4bb8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nkdQOcNIQEk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=13EAED04D4642436
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame C311 0
238 B 180ms
61ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 102
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

6b8dc2dd5cea5aa440f301e980b01ddc98309defad53d4b464d9e9ae728b25e2
an.yandex.ru/mapuid/mediascope/ Frame C311
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/6b8dc2dd5cea5aa440f301e980b01ddc98309defad53d4b464d9e9ae728b25e2

43 B
80 B

40ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/6b8dc2dd5cea5aa440f301e980b01ddc98309defad53d4b464d9e9ae728b25e2

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: ms-counter-3.2.15/1.20.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/6b8dc2dd5cea5aa440f301e980b01ddc98309defad53d4b464d9e9ae728b25e2
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

0f37706a-b140-474d-94b3-7546b2048d67
an.yandex.ru/mapuid/upravelis/ Frame C311
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://0f37706a-b140-474d-94b3-7546b2048d67.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/0f37706a-b140-474d-94b3-7546b2048d67

43 B
80 B

41ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/0f37706a-b140-474d-94b3-7546b2048d67

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

date: Thu, 27 Jan 2022 12:46:32 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/0f37706a-b140-474d-94b3-7546b2048d67
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame C311
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=164BEB8F901FF8ED&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

39ms
39ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame C311
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=EA4C9FFAD1961893&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

40ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame C311
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=EA4C9FFAD1961893&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

39ms
39ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame C311
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
https://t.adx.opera.com/sync?vendor=60143&uid=6AF89BD00F780187

0
410 B

61ms
20ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=6AF89BD00F780187
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=6AF89BD00F780187
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame C311
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=AC2D972DDC3F3180
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=AC2D972DDC3F3180&crf=1

68 B
607 B

49ms
49ms

Image
image/png

188.42.29.166
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=AC2D972DDC3F3180&crf=1
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: H2
Server: 188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=AC2D972DDC3F3180&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

404

0100007F2994F26194067E070236B6AA
an.yandex.ru/mapuid/SAPEis/ Frame C311
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=0100007F2994F2612400656B02758442&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/0100007F2994F26194067E070236B6AA

43 B
80 B

39ms
39ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/0100007F2994F26194067E070236B6AA

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:33 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:33 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:33 GMT

Redirect headers

date: Thu, 27 Jan 2022 12:46:33 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/0100007F2994F26194067E070236B6AA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

79fd841a-5ff2-41cd-ac1d-6a3097c476d2
an.yandex.ru/mapuid/qbitis/ Frame C311
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
https://an.yandex.ru/mapuid/qbitis/79fd841a-5ff2-41cd-ac1d-6a3097c476d2

43 B
80 B

41ms
40ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/qbitis/79fd841a-5ff2-41cd-ac1d-6a3097c476d2

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx/1.21.0
Location: https://an.yandex.ru/mapuid/qbitis/79fd841a-5ff2-41cd-ac1d-6a3097c476d2
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2

200

19f5d1b9-6e39-511b-bb5d-04afdaaf9087
an.yandex.ru/mapuid/betweendigitalis/ Frame C311
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/19f5d1b9-6e39-511b-bb5d-04afdaaf9087

43 B
80 B

41ms
41ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/19f5d1b9-6e39-511b-bb5d-04afdaaf9087

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/19f5d1b9-6e39-511b-bb5d-04afdaaf9087
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f
an.yandex.ru/mapuid/mtsdspis/ Frame C311
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fdff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f
https://an.yandex.ru/mapuid/mtsdspis/dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f

43 B
80 B

41ms
41ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame C311 43 B
390 B 34ms
7ms Image
image/gif 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 match
dm.hybrid.ai/ Frame C311 0
237 B 65ms
64ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 108
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C311 42 B
201 B 619ms
335ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

Rz6iGp1AmOUfU0vh7VSI
an.yandex.ru/mapuid/kadamis/ Frame C311
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/Rz6iGp1AmOUfU0vh7VSI

43 B
80 B

41ms
41ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/Rz6iGp1AmOUfU0vh7VSI

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/Rz6iGp1AmOUfU0vh7VSI
date: Thu, 27 Jan 2022 12:46:32 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

xRvIN5nqtim.AikABlF-m5K-Xw
an.yandex.ru/mapuid/getintentis/ Frame C311
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/xRvIN5nqtim.AikABlF-m5K-Xw

43 B
80 B

42ms
41ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/xRvIN5nqtim.AikABlF-m5K-Xw

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f9-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/getintentis/xRvIN5nqtim.AikABlF-m5K-Xw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame C311 95 B
400 B 131ms
40ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 12:46:32 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Fri, 28 Jan 2022 12:46:32 GMT

GET
H2 200 image.jpg
storage.mds.yandex.net/get-canvas-html5/1003119/7d70759c-f779-4e71-8d73-d738ea5ab229/ Frame 1860 33 KB
33 KB 171ms
78ms Image
image/jpeg 2a02:6b8::158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.mds.yandex.net/get-canvas-html5/1003119/7d70759c-f779-4e71-8d73-d738ea5ab229/image.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/protected/render.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0e498acee76811d27d3fd6fa85050262110a471d29f2e221bae9e4b2a583b154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
last-modified: Tue, 23 Nov 2021 06:44:33 GMT
server: nginx
etag: "d2435ae7beb3a5773b7ad0ecc8f9882c"
x-cache-status: hit
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-data-size: 33470
x-mds-request-id: 796d78873155cfe4
x-robots-tag: noindex, noarchive, nofollow
content-length: 33470

GET
DATA 200
OK truncated
/ Frame 07B0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64996fbc9d0359ac33251d9cbc7b8bfccac068cdf298fae268c5d5e7a2ea51c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 2521 8 KB
888 B 54ms
27ms Stylesheet
text/css 2a00:1450:4007:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 12:16:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 12:46:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 2521 1 KB
875 B 28ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:32:49 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/ Frame 2521 18 KB
7 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7601
x-xss-protection: 0
server: cafe
etag: 4205405063411256933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:10:53 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 2521 2 KB
1 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:17:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:17:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2521 123 KB
37 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/ Frame 2521 14 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220125/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 1875255482418879373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Feb 2022 12:14:54 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame 2521 27 KB
11 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 19:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 13:53:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 19:13:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 42A8 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 27 Jan 2022 12:03:01 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 2611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6542 2 KB
1 KB 52ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfKUJwAHSOAIEdT1AAkAaLikaxRxgoK4cM2kOg&u=%7CULEqQ6RgNOP5j3M8B7dsg3Z8C4w6l5Rz2g85uuRpjl4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdjddh99QX_IRmoIq6E8e4B6l4znzR18_oqem7VOd7mleG59YdEhRPhTkMft_-H6cnKVcSufIiMRUUK9oFYlF17Ln2YwG5cwC7SGgsW9H6YbyypN37gipGUe6P9UT1M9YxI0d-Cg4PXi2hf31QMQ4X74QZ1Qsg7Ngjmf22HT_dPDEVwO2d-rRDHmXJmzWcpBDwNmULqJXIxsEzt2VrJl_uzb3ozMEyAEYlpman3w-mLNshK4iT0yL1azdtNAkit0J_rwjBaOQfVApj-ugAH9wC8UaKqIJJ5IR0_Ac1wKkDQjbq-MEmtILwZv-DQvfDt41VM8KOQA3O5YKbybWeRF8BgToy0ciRe00JY5Y2abY2URE08FJb4PGYO0mv9bFENLEEkqld3DkUIlJIE8dYBT2oF-Pk7W2TOPDo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJPHCJ5TyYeCRHfWpx_AP6ICkoAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NTI2MDc3NDY2ODk4NjagAdW20uoDyAEJqQIjkljJesuyPqgDAaoE2QFP0EV6VbCAC7KIWI68cdqIrmn1gJWrgg1Ux2AgQvPtsb07sNDc03gaiwvNcHN8cIRRYPMnNaqepVs7pFu15TlJXrLk0VMxNg1A7SP6CDdCORWdqH3K4qyy8dpdxY_UhcV0DFo8tGyMRJFoqVurk0Fe_U7yRB1k9IxR_RlLAoFzB3hUal5HV8OQ6Gh9fS9gyunnLhq9eMuKsNqr0fwsZKPqyqaoVeqdkKsUayEXIqRK48ZPgilqdNKg0KhKz_b8a-iMGKVR-RYnXlsvQzQ7NZ0xF2S9F0U3qfbAgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0jRnxyOSXVg23AdbSMPwAt5ffxAg%26client%3Dca-pub-3652607746689866%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:46:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6542 2 KB
1 KB 52ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:46:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6542 308 B
636 B 51ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 22 Jan 2023 12:46:32 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6542 507 B
835 B 52ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sun, 22 Jan 2023 12:46:32 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 6542 43 B
347 B 60ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Sn_ewTqIuRg9IBP6gwNPNSoSd0XbsVr1WFjxRZaxYll_wGFmBgEx9VifaG4Ad8NWCh_3lxdCXSTcW8rrICNmUdF0omQY7pGbed7I-3XyhewVYbzzoOVW092r050oYe2YPD1YohWaSJVeQUcz5P8QlRGuFevOr3yhbs-aB1S_LtTmQN5WvdSLgLrlLeuESan9w8sEPNsptJPFZJRJmknGowBPReZaTGyYUWROu_kbRM5Fw1ji8TNKJILPEs0fMAc_3rEljAuF6KrmvUsl3owt3J_8O6EQb5ao84nwxxyVzAngvgor7K2Q0DXdDZCoUdv8XwE3BhfrGue145JCiSlAeOBVEFrUHLBa7vbzw4dwoqCN4RoV40aDtwQWm_kfuzdibQYX0nPndmps1sViAO09MI8ZenA8HcADNRISI8XjkQVd-9LqV9eX9JKHoRsmlPHJkEVO5Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:31 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2801573
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 42A8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

93ms
92ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 Jan 2022 12:46:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Jan 2022 12:46:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 Jan 2022 12:46:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C35 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 11:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 11:07:28 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6542 12 KB
5 KB 61ms
25ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 250786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xt2WnjLtitLhBi03UBU%2BbzQsi231KNhD0pbII5BB%2Fgii9wQmXsWPkbfsf1gPnph%2BQ%2BN17fryJRj%2BLWlUXRrvd0sDSimzoYePPugdGaYyxzb8YPbyel4WwYAqSHcqENPk1kVXL3iRuxiOn%2BARSrrvtVzA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d42159bcef983b5-MXP
expires: Tue, 17 Jan 2023 12:46:32 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6542 12 KB
6 KB 19ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:46:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6542 11 KB
11 KB 64ms
22ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=mhWwn-irkdD7mZLREJ1cecKL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:40:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 270379
vary: Origin
x-cache: hit
content-type: image/png
cache-control: public, max-age=28522635
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 11345
expires: Tue, 20 Dec 2022 12:37:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6542 66 KB
66 KB 64ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:15:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 271857
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=31381877
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 67290
expires: Sun, 22 Jan 2023 14:26:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6542 29 KB
30 KB 87ms
45ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1869280-_x600-nocrop.jpg&v=3&w=400&s=_BOKbeajDOx6IHyVWu03i-gB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c1bc55a67369b68ff20d684d3be5182c5eabc3ba7e888d7ff1850043b4c09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:13:57 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 268354
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=31354463
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 30204
expires: Sun, 22 Jan 2023 07:48:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6542 42 KB
42 KB 90ms
49ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1425942-_x600-nocrop.jpg&v=3&w=400&s=_UadUMxgxO5_S6jx45C4ur3B&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

920b630046366297035d0116b52ec9af046bf1ee53bf4dc75fda35d7d03896fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 10:03:55 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 268956
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=28718975
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 42850
expires: Thu, 22 Dec 2022 19:33:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6542 69 KB
69 KB 94ms
53ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 09:16:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 271827
vary: Origin
x-cache: hit
content-type: image/webp
cache-control: public, max-age=31358720
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 70472
expires: Sun, 22 Jan 2023 08:01:25 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6542 0
127 B 55ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Ht12U8YxNs9G1sWZE5vFHpJEPhNLNNVIBIYzp1R6P0GE-CkQSGaIOY8mb8Awtj0xcst59BegrIubtUn1dyPxwWh6ymVy1P6uhq4PDaSB9qn6AlT645hnpFh5Yb8eiudvXaBb_HHb10quDQIYF0yEmuWJ_KSz3M1EXBeCoh4OKieBAD-CrzcfCr796j6nrGstpyYPGB54BdnKzbWzU296D9aB8B9-TGLGUrjGQ4uY4MA6-THYm0h4Q0wJztIzcu-EzGNNZQ&sds=2&rev=80217&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 12:46:31 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6542 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:46:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6542 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 22 Jan 2023 12:46:32 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 56ms
42ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3652607746689866
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 6542 2 KB
507 B 28ms
28ms Stylesheet
text/css 2a00:1450:4007:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4007:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 11:20:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 12:46:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 6542 44 KB
45 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options: nosniff
age: 61954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:33:58 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame 6542 46 KB
46 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:33:58 GMT
x-content-type-options: nosniff
age: 61954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:33:58 GMT

GET
H3 200 admin-ajax.php Show response
geekon.media/wp-admin/ 13 KB
3 KB 443ms
443ms XHR
text/html 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geekon.media/wp-admin/admin-ajax.php?lang=en&action=decom_comments&f=sort_comments&decom_comments_sort=&post_id=19209

Requested by

Host: geekon.media
URL: https://geekon.media/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3fcd6015417777f58fa897846e9a6f99d0ca6001311508cd25b5df7a1d4142b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://geekon.media/utilita-driverpack-notifier/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d42159cad56374d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZMDUbA7%2F2SoUN8n71f1YGESFYjwXpBp6qjPw9e97Jqc2NkVpidP3b%2Bw5mU6Ylb1Zp6xCs4a25C7BdH6BjV6ukKuTTrQCswpzNhpXHux4uK%2FOPLk5a4vQaTD%2F8f3S7Wkxi6ITpSHq7UGC%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 photo.svg Show response
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/ 1 KB
1 KB 29ms
29ms XHR
image/svg+xml 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/photo.svg
Requested by: Host: geekon.media
URL: https://geekon.media/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3f269b095764e9feb2fc6ee3f4eb5f5f08587d8f3695daef1a0609e0930f49

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://geekon.media/utilita-driverpack-notifier/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 Dec 2019 12:42:00 GMT
server: cloudflare
etag: W/"5e05fc18-509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGNZQWG2RK%2FIMgAPHJISi71J6FjtIZiKIFUXRKsCiKKzVD%2FmdgephccirP7wq90RCMqzvn13%2BD8fn3UUtKh8qrGHtt412uOeLc48Bv%2FWUohy5gsE9Fl5LHNpeqBL866VS2ytAaQ2FyLldiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6d42159cad5a374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 21ms
20ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220125&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a864fefe2f02c21044764ba001fe0d081e5c5142ab0be2bac417f4b59e79b650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8923
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 12:46:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 76AD 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Jan 2022 12:32:52 GMT
expires: Fri, 27 Jan 2023 12:32:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 193A 783 B
534 B 33ms
17ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f232ac0713f32f2a5c079292be1fc0cbcad273a972a5a87a26f3cabc65fcc734

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qtnL1j3SJGiyePbfAQQaKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 27 Jan 2022 12:46:32 GMT
date: Thu, 27 Jan 2022 12:46:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qtnL1j3SJGiyePbfAQQaKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 76AD 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 11:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 11:07:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 193A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220125&jk=3213485485922822&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 76AD 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UHmrJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220125&jk=3213485485922822&bg=!2Nul25_NAAY6OBv_Ojg7ACkAdvg8WjvVgsyI8Mkji-JEYpXTY4SRMPKBK7-2YeKA7whIuGQU1kZ7RQIAAABVUgAAAAJoAQcKADex_QH2QYU_tKAyRj7E40dE5-nCn6oqeFqWgtOI8vr-zmIJT0fbRp-NpAYCevstFyEg7x4GgrZkmQLVvXCv5pFiLyAe-e2iEIQkrpJ1Vzzi-z4IA7xJuFUrVe4ilgerJtEBLO0tu6wI0TEBRLX4YSbp_GK1wGBuJYf9Xc0ZtIe1BaAxbf4ycouefNsmr5F4MMWDwlyZ66Ibwc9PrPtyPi8LWE6njAjBNjXuo17LTvubHfJh3QB-A4X60ps3P_d2BclUxY57RsTGuR3E-Yo1muQ--aeGfOjOtHef3YR848GwWS1_aUG9Ro8KmuX64UN8lkfMCSRH-BDRh0d4Hs1pKE-Opdwul1gvMuNCM9cDjRpHFBJ6qwhgazQEIiq9642ytDFKWcVUaQFbdhVTvwPeYl6Zi2jEZQOrLlxaLlTeMALXId1rAd1ODydEI5esNoMoHTRpa-AOnGERvWUcD_YNx495LKJDL2w7J_UXVAQ_haQ9ePdrIeKChBr4UcuMQGn6biZKCxcP4W_E0BP4jvP3wMyHu8p0B6LBI6x6A_89rYSYkA0EJ0N3ZtXRP5Z--BN5DEAAnrBZ81tlPiPXgq4KgGTQ6UV_EzYvQR09bku2gW5H2CoiENqyYQRgypnnm6O0ldql6CFNU4jsAj3s7c3EW42_zGlrkVDafvihO7j9LTr7_NNsxRpAcKGZWnzSZG_J8PTgi_3sn-Dgv2Vt9x_vUU5fXuQxAoCRxAADjmHEVFntSauAKmgYxsOnI_9YaxQqmVpBLtZ3FbFSO2opGgzc9NRK7GppGgZldF-C0nLnQlUoHTf9v8mBSJxwxIkddqonWdbASg6kdA3HLyOBXz9boq_FQJJNIsfUZLOOLmjRAXDBwuA7ZbqDOaXBicbP1FXN2kR9j0arPXbncIddA7Ry19-h-vLhbyU8edwEcfOJ-bVSoScWpIipn3QO4hCHfuxfEAOoLF3d-QWdzI8d_pGHIxmm6OLA86EYA-ZPbHBKYQ-ZL-kzUIuwxgQ5kuvEhNqAX7_3A_DpaGkAWYpA1WB-wTQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 photo.svg
geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/ 1 KB
1 KB 29ms
29ms Image
image/svg+xml 2606:4700:3030::ac43:a810
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geekon.media/wp-content/plugins/decomments/templates/decomments/assets/images/svg/photo.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a810 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3f269b095764e9feb2fc6ee3f4eb5f5f08587d8f3695daef1a0609e0930f49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geekon.media/utilita-driverpack-notifier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 Dec 2019 12:42:00 GMT
server: cloudflare
etag: W/"5e05fc18-509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7FAcq1eQwiHdgjZgOBqti3CYOGAs6lbHBPHxrJ3MWEClDxOnzUs8cKnAFz8SXFUIgWWw0OwvTbWHal1DW4UkP%2FD4sh5PKAkoPWxFJOrWQhc%2FN0Sdyjy9MSAjQZT3oNGu4pjnHE6JNup0v4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6d42159f7c90374d-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 07B0 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGycGcdxBG2yWMYu91kh2J7L2o8kqV3pSWt4O3v9wsk387NoYtUyDm21lXxfwvxO1-Qnw_0d5tL98CoTEbmZum&sig=Cg0ArKJSzFGlE8yTa6IJEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,765,1000,1116,1267&tos=84,681,235,116,151&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643287592001&rpt=111&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6542 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 12:46:32 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 WMWejI_zOBW0zGe0L18Mh8ZXE7LwL0K0k04GW8200J4dbF9X000003ZCogC1i06Qbjsi28W22Ra25V6y3pW58BJm0jpRcTC2-0A2W820mD5oy0K1e0R80Sa69w0i8qKej42f1-opG6hL65u2u0Fu2R09W0e8Y0gj2OWB4geB4DGnCARiim00DDagjO_My0i6W0oQb... Show response
an.yandex.ru/count/ 0
51 B 46ms
46ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WMWejI_zOBW0zGe0L18Mh8ZXE7LwL0K0k04GW8200J4dbF9X000003ZCogC1i06Qbjsi28W22Ra25V6y3pW58BJm0jpRcTC2-0A2W820mD5oy0K1e0R80Sa69w0i8qKej42f1-opG6hL65u2u0Fu2R09W0e8Y0gj2OWB4geB4DGnCARiim00DDagjO_My0i6W0oQbjsi2E0DWeA10PWEfxZ5cyF8-kGIkGwUmGuC3QWFxEUIbDUQXgy2a12ofOBkpC7Hmzm1-1030U3e-VKnu1G1s1N1YlRieu-y_6FmoHRmFu4Ng1SDcHZG627u680Pk1d_0S0Pf_3rZuUvuUmkqXaIUM5YSrzpPN9sPN8lSZOnDoqow1d61l0PWC83WXmDI78pEd1pJqvvUcDND-aSW1t_Vn40K6JSQn0O1e91mLqL3PFe5Y5e69ZBLdS4NwO4Ota6f6QX_NEGWKQCRFIBpbnkxHplfV2vOGO0~1=WgqejI_zO2e27HK0j2JH74yxAWD034W2O8mOQ0HmpBli_UYbvBhi0O01qzsP18W1Yupi3P01diIkyTI0W802c06UnAxnLB01cfRTh0Yu0Q3rlguZs07-tDUV0U01lhlkdeYDthu1e0A4sOiPi0EWyWFu1Bq3Y0Mz0v05pGIW1N-e1N-m1N-u1QW1m0Nq1CW5im7G1ItW1NQO1kwfbva9g0R80RW7a3Aa3_470032a846u0Z2xCKCW0e8oGehqq2A32ZkFzaBxBD0QjKONWBe2yq4W0oQbjsi28WCofVUlW7e39i6c0sqmg0Em8GzkGwUmGuC3O0GujlV7v348D0GvOklNvWHWOmUeH66wr6u7eNZu17tkh05w17snVECvFkfu8G14VOqF0TtK3-O4mBW4wW1W1GWY1I6zEUGgVZFWSy1e1Ie0QWKpGJGsu-D1kWKZ0BG5T3RZuq6s1N1YlRieu-y_6EW5gxtX8y6g1Re1x0Mw0N95j0MofVUlW7O5hAbWkxCmT73t0615vWNeS7KBRWN1C0NjZBG5z260zWNilGyw1S1cHYW60om6Fp_oOy6k1W1-1ZaYBNvjzhNhrI06OaPetQW6S01k1d___y1u1a1w1d61l0PWC83WHh__nyT3fxge8WQm8Gzc1hKmrFr6W40003u6hJ2EPWRqziti1j8k1i3wHi00010uD1fGV0RWEpG5lWRnPIa1-aSW1t_VvaTeHszW_GGuJh0FwWT0U0TeS85g1u1s1wjXH-87____m6W7x-ib22m7mF87x_kwq_I7mKrCp4qCHe0G3KS3Y4ZPfGiZno4CY3kZYp0bC5H90TABdc6qFuBTHB3nRDvpPfW8IJukmgtYq3B1Ko2O7J6JQ8gAgVA-p-U2_uY1idOGqXnayQ0KgLq_gbtvX3F~1?viewability-undetermined=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:33 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:33 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:33 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:33 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:33 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:33 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame C311 105 KB
37 KB 51ms
51ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: geekon.media
URL: https://geekon.media/utilita-driverpack-notifier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:33 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 30 Jan 2022 00:45:42 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: fb542db6c1a8cd58

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame C311 137 KB
49 KB 82ms
81ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Thu, 27 Jan 2022 13:46:34 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame C311 403 B
847 B 97ms
97ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgeekon.media%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e45d3dfa17ad28f6bf7246bcc7ecf22ba47bc25738702278055cc770f2c9fed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame C311 39 KB
15 KB 27ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14855
x-xss-protection: 0
server: cafe
etag: 17539559064140624452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 12:46:34 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame C311
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KpTyYbb-BrbFx_APnae9oA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=905215648&crd=&is_vtc=1&random=3189939395
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=905215648&crd=&is_vtc=1&random=3189939395&ipr=y

42 B
108 B

42ms
18ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=905215648&crd=&is_vtc=1&random=3189939395&ipr=y

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=905215648&crd=&is_vtc=1&random=3189939395&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame C311
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KpTyYa-EB8XUx_APwem-gA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1204977858&crd=&is_vtc=1&random=1139778898
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1204977858&crd=&is_vtc=1&random=1139778898&ipr=y

42 B
548 B

38ms
17ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1204977858&crd=&is_vtc=1&random=1139778898&ipr=y

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1204977858&crd=&is_vtc=1&random=1139778898&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame C311 167 B
262 B 41ms
41ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgeekon.media%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A555811872782%3Ahid%3A20574221%3Az%3A0%3Ai%3A20220127124634%3Aet%3A1643287594%3Ac%3A1%3Arn%3A553076713%3Arqn%3A1%3Au%3A1643287594412430195%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643287591930%3Ads%3A0%2C76%2C37%2C6%2C0%2C0%2C%2C11%2C1%2C132%2C132%2C0%2C131%3Aco%3A0%3Ast%3A1643287594&t=gdpr()aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f93be56796fb225acd0b666a0ddaafa8e3c3213d4aa0a6a97c0ec9c312e34d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 12:46:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:34 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame C311 43 B
112 B 42ms
42ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:46:34 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Jan 2022 13:46:34 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame C311 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1643287594163&cv=9&fst=1643287594163&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

907b5e6ad5324e9cad881c4f26ef0f130ac6a31854846f20556ed3fb4689bac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame C311 3 KB
1 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643287594166&cv=9&fst=1643287594166&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

185abbdc61f80e63aba980d8c894f2695c8dc4941aa09837cb81539ae5ed9dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame C311 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1643287594168&cv=9&fst=1643287594168&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39f758eb5c191beb2feda385d99ed2955670f467517ce4064a31fc61db4ba6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/693627671/ Frame C311
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1643287594168&cv=9&fst=1643287594168&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
https://www.google.com/pagead/1p-user-list/693627671/?random=1643287594168&cv=9&fst=1643284800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_npl...
https://www.google.de/pagead/1p-user-list/693627671/?random=1643287594168&cv=9&fst=1643284800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplu...

42 B
108 B

19ms
19ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1643287594168&cv=9&fst=1643284800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&is_vtc=1&random=248917789&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/693627671/?random=1643287594168&cv=9&fst=1643284800000&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&is_vtc=1&random=248917789&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame C311 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1643287594163&cv=9&fst=1643284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&fmt=3&is_vtc=1&random=1860791665&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame C311 42 B
108 B 25ms
22ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1643287594163&cv=9&fst=1643284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&fmt=3&is_vtc=1&random=1860791665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame C311 350 B
405 B 42ms
42ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgeekon.media%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Agqny5kf3qo6c2s0fzz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A1%3Als%3A422682820812%3Ahid%3A20574221%3Az%3A0%3Ai%3A20220127124634%3Aet%3A1643287594%3Ac%3A1%3Arn%3A477663312%3Arqn%3A1%3Au%3A1643287594412430195%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643287591930%3Ads%3A0%2C76%2C37%2C6%2C0%2C0%2C%2C11%2C1%2C132%2C132%2C0%2C131%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643287594%3At%3A&t=gdpr(6)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

68085463ac23d35e580caa71f484c9f2de9694f2a235387b988013a3ba28258a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 27-Jan-2022 12:46:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 27-Jan-2022 12:46:34 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame C311 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1643287594168&cv=9&fst=1643284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&fmt=3&is_vtc=1&random=39819142&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame C311 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1643287594168&cv=9&fst=1643284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&fmt=3&is_vtc=1&random=39819142&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame C311 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1643287594166&cv=9&fst=1643284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&fmt=3&is_vtc=1&random=1082957469&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame C311 42 B
64 B 40ms
24ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1643287594166&cv=9&fst=1643284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgeekon.media%2F&async=1&fmt=3&is_vtc=1&random=1082957469&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Q-WbCg40Ra100000000U9nJL5-We-ogiSN1yCtcbgAh4d5CbkfJFYKo084dJ2JqOSSQiTXbHI8CgOn0ySmtcnsoGEAbd41URGgGQ6K4aLE1iWeCCncDZ1d0O27ZF0K8QoKZ3o-4jPTHGekRuIYOVvKHPDnTHWOP1eQ_ZBrBJplDPM82YYnb-W0arp9503bdcVu3m... Show response
an.yandex.ru/rtbcount/ 43 B
154 B 40ms
40ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1Q-WbCg40Ra100000000U9nJL5-We-ogiSN1yCtcbgAh4d5CbkfJFYKo084dJ2JqOSSQiTXbHI8CgOn0ySmtcnsoGEAbd41URGgGQ6K4aLE1iWeCCncDZ1d0O27ZF0K8QoKZ3o-4jPTHGekRuIYOVvKHPDnTHWOP1eQ_ZBrBJplDPM82YYnb-W0arp9503bdcVu3mIicWIk61ilUR6PWCBcfjRN_6Yl3NoOMaCNCh42obraHP3qp1v2SommoOYKpawC20uY_aJblLstQDFdcyfFCwZ65nYwlJWfTPGPR32QVCjj__yNvazd1YH_YQ9PosJLWrWuMvWCiZ3TP80x_OF-GPTPC4BXf_vO5vFm5hBmdMHUNiOEbBx0gt6HLh_XRUABrfjvNLf2ZVx5o6fgPcvWO6HbRDh3jV_VQVmRRbSF12zYUFE_itl5bxOEybMmm4m-mUPnWOtx4nkjHP6nLKEplLrcL76x-aWrczqysXwo7xsmiFjZFOcSrDJOqCGG0Yqw5Nm00?confirmTime=2100000&confirmRatio=1000000&test-tag=504177620942850&rnd=3597934948824&pcode-active-testids=487926%2C0%2C45%3B478504%2C0%2C2&width=838&height=600&media-test-tag=15384709987

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://geekon.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:34 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://geekon.media
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:34 GMT

GET
H2 200 WQyejI_zOEm0BGq0j1S00000Cvvcb0K0x04n9vJoOG00000upCgZ0M2C66W4W07JtPa4Y06BZEmDa06UnAxnr820W0AO0Px4hl5Ki06Qbjsi2BW1eFM-hYFO0VxSrvy1u06-k-wU0Q02XDcB6S3HSkW4eF83Y0Mz0v05pGIm1N-u1QW1m0Nq1CW5im7W1NQW1iW1g...
an.yandex.ru/tracking/ Frame C311 0
49 B 41ms
40ms Image
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 12:46:34 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 12:46:34 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 27 Jan 2022 12:46:34 GMT

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:36:45	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:29:33	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 00:29:33	Name: pcs3 Value: 1
.geekon.media/	1970-01-20 17:59:19	Name: _ga Value: GA1.2.586390742.1643287591
.geekon.media/	1970-01-20 00:29:33	Name: _gid Value: GA1.2.475277681.1643287591
.geekon.media/	1970-01-20 00:28:07	Name: _gat_gtag_UA_122658051_2 Value: 1
geekon.media/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.geekon.media/	1970-01-20 09:49:43	Name: __gads Value: ID=f30b671e47327fb4-223eb0e12dcd002f:T=1643287591:RT=1643287591:S=ALNI_MbUlV8QO5PrCXousrtTdAQdnFC1oQ
.geekon.media/	1970-01-20 09:13:43	Name: _ym_uid Value: 1643287592599046759
.geekon.media/	1970-01-20 09:13:43	Name: _ym_d Value: 1643287592
.mc.yandex.com/	1970-01-20 00:28:08	Name: sync_cookie_csrf Value: 1921875711fake
.geekon.media/	1970-01-20 00:29:19	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 00:28:08	Name: sync_cookie_csrf Value: 4187554530fake
.yandex.com/	1970-01-20 09:13:43	Name: yandexuid Value: 3627825841643287591
.yandex.com/	1970-01-20 09:13:43	Name: yuidss Value: 3627825841643287591
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1030280271643287591
.yandex.com/	1970-01-23 16:04:07	Name: i Value: Q0ChzmJlCk3zBc0cWOaoCLX+goNDKcFU4fB7YJc0FaI4R9i+wsGKA5YVDUgwntbMkiAJvxTSOOWaE/CdYAU+XJ6GIj4=
.yandex.com/	1970-01-20 09:13:43	Name: ymex Value: 1674823591.yrts.1643287591#1674823591.yrtsi.1643287591
.an.yandex.ru/	1970-01-20 00:38:12	Name: yabs-vdrf Value: A0
.doubleclick.net/	1970-01-20 09:49:43	Name: IDE Value: AHWqTUlc7vahdCxSW-XEMWvELYT0BcFrRgLGPPn0tooOF1o_7tdD7_lQfNFhvp8Rqjk
.1dmp.io/	1970-01-20 09:13:43	Name: uid Value: 276a5460-7f6f-11ec-9752-901b0e8d9836
.weborama.fr/	1970-01-20 09:59:48	Name: AFFICHE_W Value: eJQn27h3G9d478
.1dmp.io/	1970-01-20 00:28:07	Name: ru-seq Value: null
.yandex.ru/	1970-01-23 16:04:07	Name: yuidss Value: 9046624391643287592
.yandex.ru/	1970-01-23 16:04:07	Name: yandexuid Value: 9046624391643287592
.sonar.semantiqo.com/	1970-01-21 21:06:31	Name: semantiqo_a Value: df4cef9a9d6d450ab5ec60d0d98b0a43
.sonar.semantiqo.com/	1970-01-20 09:23:48	Name: check Value: 1312a285c66d41ebab339c4f6eb3ba02
.aidata.io/	1970-01-20 17:59:19	Name: __upin Value: kqcOxaNKgtMGAcKNkEDqKw
.aidata.io/	1970-01-20 17:59:19	Name: __upints Value: 1643287592
.adx.opera.com/	1970-01-20 01:11:19	Name: UID Value: d44b4ad7f52d4279af494e651ea369ff
.dmg.digitaltarget.ru/	1970-01-21 02:23:19	Name: viuserid Value: 6jI.p8858vL03LH7n7je
.upravel.com/	1970-01-20 00:28:07	Name: session_tptc Value: 1643287592267
x01.aidata.io/	1970-01-20 00:38:12	Name: yaya Value: 1
.demdex.net/	1970-01-20 04:47:19	Name: demdex Value: 11300890231165583931219955757308252391
.tns-counter.ru/	1970-01-20 09:13:43	Name: guid Value: 14AF680961F29428X1643287592
.upravel.com/	1970-01-23 16:04:07	Name: user_id Value: 0f37706a-b140-474d-94b3-7546b2048d67
.betweendigital.com/	1970-01-20 09:13:43	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 09:13:43	Name: tuuid Value: 19f5d1b9-6e39-511b-bb5d-04afdaaf9087
.betweendigital.com/	1970-01-20 09:13:43	Name: ss Value: 1
.dpm.demdex.net/	1970-01-20 04:47:19	Name: dpm Value: 11300890231165583931219955757308252391
.doubleclick.net/	1970-01-20 00:28:11	Name: DSID Value: NO_DATA
.whiteboxdigital.ru/	1970-01-20 17:58:33	Name: MiId Value: 79fd841a-5ff2-41cd-ac1d-6a3097c476d2
.rutarget.ru/	1970-01-20 04:47:19	Name: userId Value: MWY4WMh_pdKY
.betweendigital.com/	1970-01-20 09:13:43	Name: ut Value: YfKUKAAF_yhw5yS0OKk1SK0R8W8HiFdbvKSukA==
.uuidksinc.net/	1970-01-20 09:13:43	Name: jcsuuid Value: Rz6iGp1AmOUfU0vh7VSI
.mts.ru/	1970-01-20 09:00:45	Name: dspid Value: dff0ffb3-8f7e-4ef1-8b17-25ee0d00d76f
.adhigh.net/	1970-01-20 09:13:43	Name: gi_u Value: xRvIN5nqtim.AikABlF-m5K-Xw
.adhigh.net/	1970-01-20 09:13:43	Name: yandexssp_sync Value: j8B
.mts.ru/	1970-01-23 14:52:07	Name: mts_id Value: ff2e8012-fb08-428f-9b92-7fbc2c35db28
.mts.ru/	1970-01-23 14:52:07	Name: mts_id_last_sync Value: 1643287592
geekon.media/	2022-02-15 13:57:52	Name: decomments_sort Value:
.acint.net/	1970-01-20 00:28:08	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHylCkHfgaUqrY2AkXHjMv73gCXaau6qYKL0eoUFz8u
.acint.net/	1970-01-20 01:11:19	Name: cSyncDp14v3 Value: 1643287593
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHylClrZQAkQoR1Agx4tC/D/41W0yaAV+MNZnpahL/G
.yandex.ru/	1970-01-20 17:59:19	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 17:59:19	Name: is_gdpr_b Value: CLWUVBDnXhgB
.yandex.ru/	1970-01-20 17:59:19	Name: i Value: YcJCcvAMeyzLHqY35+d87MHJQbmLYp9W99SOpsEV4+hXKDDBFsrkkbzjYTZoR4ox1V/THxS0ALFD9ZgEKa/on6C8nDM=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9531.JPVCWcZFbL_UPdpgy9_A87zjK4w_MNOvXVNlU3fn_UznXonZDCg7sGSBzvQcO8v_AypOyRlj4nTxo_T7MM0cvA%2C%2C.ZoKacRhOvAAUQjIEdvMKJ1Q26ac%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/0100007F2994F26194067E070236B6AA Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f37706a-b140-474d-94b3-7546b2048d67.sync.upravel.com
acint.net
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
an.yandex.ru
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
csm.eu.criteo.net
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
geekon.media
googleads.g.doubleclick.net
i0.wp.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
profile.ssp.rambler.ru
px.adhigh.net
redirect.frontend.weborama.fr
rtb.nl.eu.criteo.com
s.uuidksinc.net
secure.gravatar.com
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
static.criteo.net
stats.g.doubleclick.net
storage.mds.yandex.net
sync.1dmp.io
sync.bumlam.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
142.250.184.226
144.76.138.28
148.251.236.115
157.90.179.219
172.217.22.130
178.250.2.135
178.250.2.148
178.250.2.150
185.15.175.134
188.42.29.166
192.0.77.2
195.201.243.71
2001:6d0:4001::226
213.87.44.187
217.66.147.161
2606:4700:3030::ac43:a810
2606:4700::6810:135e
2a00:1450:4001:800::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:4007:807::200a
2a00:1450:400c:c06::9d
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::158
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a04:fa87:fffe::c000:4902
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.22
54.194.244.117
80.64.106.148
80.64.106.152
81.163.17.245
81.222.128.215
82.145.213.8
88.212.201.204
88.99.214.77
89.108.119.43
91.192.150.14
91.207.59.214
95.217.109.66
028c7ad5ddf43fd23551fd53ed45ac037958a4956b88f30367a01bb127b119b7
02af515521b58eae5e5bc194434b8559a9ece08857ec13b131dc11b7065d25d2
06f2e8d882c079e05c45bea1965e079d085cdfb732e0a827ddbdd3c1cd6aea08
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ccfd397f5e87f8f9b3544cd2efae8eddaa2c7da36c2a304f2905e5a8efb4d33
0d2478b1333f250b83787334727bc128213f49af1426df8d89838e0bd93229f3
0e498acee76811d27d3fd6fa85050262110a471d29f2e221bae9e4b2a583b154
0e652b42516f37af34e2ab1859e3b6c833aea6bbadc43747370b82d1762eccc2
0e7cec93d9dfd0b483699c26eb2eeb047726005db5f78faeb0d4f4de168f24f3
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
10446fcfc406f1ac6ebbe55503d7f9ba188635b31559a5ecd38cc2827aa0c131
10996fe1c1612f73a8a61a1a1649df4aa31b6e1641296e2c3dd54966f52f6709
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16aa1c8bf3adefcc2e6210cbbbe584345d6b78aad4c2ea24931f779315aec054
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185abbdc61f80e63aba980d8c894f2695c8dc4941aa09837cb81539ae5ed9dcd
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a09e3d2b10b297e7d149896bed655fedcc7821241dc982e5b5f3c167fc5ad6d
1c7f8d5e923836be3207b66a721d640861471110f6f64ad4baff7313c1aa14ef
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aef34faec8cd36ab795082058d15fa82b61d96f7d7b070ae90712fc84360ce8
2c3f269b095764e9feb2fc6ee3f4eb5f5f08587d8f3695daef1a0609e0930f49
2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
399b4a45d2f2a2934d9e629e7103cafb185ddbeefb98f41013954b0b0d8cc811
39f758eb5c191beb2feda385d99ed2955670f467517ce4064a31fc61db4ba6fb
3af61eab13d2d31fecf2346c763921f239f37cf617d30b854a9981dd549fdae5
3c7cf7b06f0056598cd47860559f77c3b7ae205163759ed83b359bc1775b20bb
42c1bc55a67369b68ff20d684d3be5182c5eabc3ba7e888d7ff1850043b4c09b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ae3b5455c186cf57a7ac18c85665ba81f999a790cb4ae44c0245ae228cf5ec2
4aef5deb25565ec2445ec74c5cedf70b41158f0cb7f106532a9401a905ab872c
4b5804a34a35e8f31577fdff09b150f48250cc97a4c547bd023c12360d46a236
4bf7af179cbc73327d0c731bab9cc26e06e5eb8322ce8d6dbde541aed0917a36
4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2694fad83a3e29d33cbb8e3010e369e0063a123dd18f978798623699d90228
4eb386939a7e55a02e164cb1eb5a1310cef73c69154fc34489e7e12c508feaa3
4fb565264af26107bb37b1e495c4b4bf768cf212d74a9eb357249a67b5e64923
5267a7583f77f4b36497b8545c5546b01234801de0d9239dbe7544f2fe5025ad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5509acc92f9b0f25603fd8bf2848483b9b2f58cfe6686b7743fe6a06efd45bf8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
563aa7f48e795f5b0f6a1a797821ddf6182b0a222050d2073d990c0a9c80483a
5aa863e38d97e51e8365476e0b1fcc9160462051cefea418bc70e43e0f69e249
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e4d369ad502d8aac611cdff9e981b5c272a7d51d3a8563a3de739214cb2cc85
602610a0277984c269d14892f6be6917ae8aa616437066d74c5e2bbd1e55cc48
610fbf508567cd9403e18f32e675c983437cad963561734d8dc5bee4328a570d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
64996fbc9d0359ac33251d9cbc7b8bfccac068cdf298fae268c5d5e7a2ea51c4
68085463ac23d35e580caa71f484c9f2de9694f2a235387b988013a3ba28258a
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6ad4de7742394d5bf258feb9722e6e2fed353308dc164cc0349ed6caab9b2eb0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8060b67a9bc601a234fad07a2ffdf1ba56bab8d4fe01fcdece885bce46f0aa
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
70000504879166ec05aab3fa053c0dcf77e669e101118e99e23914dbfdb1ac61
72384e83463fbdbc3765edf8c488c829fe35e7f330ed72341c6b22c89cd04d6d
7548dbf6ff83ed583dfb6d62a87364a673eb18403686b425248fdb4ffc00e753
76efe2381e5a0ec58e898dfcf7036d98aebf28a5e05471a4436c4452b142f39e
77d3ee8b636b3b821e24ca9c40ede8ec0e214097ed01dba8feaaa7e55232c8f1
7b136230b3162da3081e60db1b42bb9febf58f54d0032ed9f19cbdcc9a0f6e77
7bb432ec7aaf41d24a1d03911b5a92905043d7d649cd21292a914850b907273e
82347851c58d691fdab29a2b0a83862420b5d0935bb4684de98cb597517fc429
830ecc2e347e520fae6c121c4a55fd5cae840703e2395d563510ea986f38d48d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
84cdc8ae6b480c6e657706f495ea237a65a8142a7eb93f182e6fef34cef7cedc
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
89be859523dd7757062c344cee7e48da436b40757aebe0482d834354cd9791d2
8aad357c6c62c7c1ee2a28daacbf47ee1f9679ef3981f8c9124d59b28ed4d6b2
8baefff42a9252b458b0a1343f4720d5a1591d0733e1893054c2286dd40fd29c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
907b5e6ad5324e9cad881c4f26ef0f130ac6a31854846f20556ed3fb4689bac9
920b630046366297035d0116b52ec9af046bf1ee53bf4dc75fda35d7d03896fa
924ee044433047471bca031ea386471b79b980f08a43695ccfb376bb17a4a4ee
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9b3874fc4922bfacd0c63c2ca52ebb40c051c71b5d370d6de2382a78ecbfdd7f
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9e269ef515e8df8e845b1358f3cc974ee1a7c76cd391af720b9024f784973f7f
9fa7f49e3a869a02c248c7c730f895951b3fc2f811e504d3ab30f72c1f74913c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a37ca4608218cccdfb8b6d4edbdfbf375d0e1368b46397e3b7049e0cbf5bc1f6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a864fefe2f02c21044764ba001fe0d081e5c5142ab0be2bac417f4b59e79b650
aa758928409203f2ba24572110247e93e8d0a5f49843f792fe5623beba1c2746
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aecfe5fcbf426c2e96e9bd14c5577e88c9f6f615e7b6d2503da491937a7e170d
b34537c09abb827f80652b0a5402f058069b17f58f0efd663f76622b49647dba
bbcf30816aff2d29ff2da669cefeb273c646a872454d79fb2d026fe986bfaf38
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bf3fee79378c145de833f181b40adc6e8a3c08ed21042d65ee8202496c67c1d0
bf7c58aa03802af086dc6186e82e2d441644d2cbfddabc1b182fd1f6810eff77
c3fcd6015417777f58fa897846e9a6f99d0ca6001311508cd25b5df7a1d4142b
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
d2de46384a29a5ee4b5adfb5d4ca2a24fecc35592d0ae012418763623f14940a
d2fe702dfed504dfa10cdc36a0fd1c2ce1a72966d4af68e91c5d27e96a001192
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d48bb29748cfe1860d539cf08fac6903e77dca54fce490b490efa967be3cb948
d7cef3a5dc9539e23338f326921b9eede981a037e9cb0bce5b3c230800e2254f
d8af0e93629f9ef52a54184edc3ab7fe7ecee775944cfa56a8d5fa0ecce7b650
d98da1540993d215b6f4e184906020e8ce32286b315a4261127d26bf79146bb0
dc7beac843e282909e5900624b9be08063a13a4048dfcd2d22999650d31f687b
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df07c2745b1d498d6464be053c7bd9fe4fb9d63ccb657156d68b6a3e0b070aa3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e35925b79830e45ff706c84562c8e39020f184dffc6787f26de5d43cd2785c3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45d3dfa17ad28f6bf7246bcc7ecf22ba47bc25738702278055cc770f2c9fed8
ed7e179256d13fa36b34866defec818149c484ec399dbc964a1e921bb81675b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f2014f80a8d8e040eb39b22e58c1a1d58c4b7b03c4ae5c713f88f859f4a6a47e
f232ac0713f32f2a5c079292be1fc0cbcad273a972a5a87a26f3cabc65fcc734
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f71615ff8525c5569ded3c8534c4f38aa6c72802b7b224714accd759f95f0288
f93be56796fb225acd0b666a0ddaafa8e3c3213d4aa0a6a97c0ec9c312e34d56
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fa4d85217cd918a65f942fb37d36acbd4aba13f7633f06eb76a53f327e80c2cb
fc60dc9bc0103bc9f80dd459bdc62f70f2045ee89db9e4ca0655197e5b1a09d7
fc96b73af1f0dfc834fe25cd1692b6d31694e4f5e857b5ef022c4511d1c6c11a
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fd0cdcfea2db6a2ae02c7c054c578daab3989cde2f4ee92ea1a595cc866d82d4
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
ffea2fc688a92e70ca5f342f0e90072e8503cf26a68fa6882a2586194c1d280d

geekon.media Open in urlscan Pro 2606:4700:3030::ac43:a810 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

214 Requests

87 %HTTPS

47 %IPv6

42 Domains

59 Subdomains

38 IPs

10 Countries

2204 kBTransfer

6310 kBSize

58 Cookies

10 Outgoing links

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

geekon.media Open in urlscan Pro
2606:4700:3030::ac43:a810 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

87 %
HTTPS

47 %
IPv6

42
Domains

59
Subdomains

38
IPs

10
Countries

2204 kB
Transfer

6310 kB
Size

58
Cookies

214 HTTP transactions
1 data transactions