adcity.ru Open in urlscan Pro
149.56.110.20  Public Scan

100 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

• http://greatdexchange.com/a/display.php?r=1879615 HTTP 302
• https://velocecdn.com/script/banner.js?r=1879615

Request Chain 103

• http://www.google-analytics.com/ga.js HTTP 307
• https://www.google-analytics.com/ga.js

Request Chain 108

• http://mc.yandex.ru/metrika/watch.js HTTP 302
• https://mc.yandex.ru/metrika/watch.js

Request Chain 109

• http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1907563267&utmhn=adcity.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&utmhid=1577125178&utmr=-&utmp=%2F%3Fsort%3Drising&utmht=1701027338994&utmac=UA-1009467-3&utmcc=__utma%3D227175629.1216368990.1701027339.1701027339.1701027339.1%3B%2B__utmz%3D227175629.1701027339.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=777980528&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
• https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1907563267&utmhn=adcity.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&utmhid=1577125178&utmr=-&utmp=%2F%3Fsort%3Drising&utmht=1701027338994&utmac=UA-1009467-3&utmcc=__utma%3D227175629.1216368990.1701027339.1701027339.1701027339.1%3B%2B__utmz%3D227175629.1701027339.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=777980528&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 124

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1&C=1

Request Chain 125

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWOeC1iouvXvPbj3xBLylQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1

Request Chain 126

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEGHdzIa7hgppFFGLt6VKEHU&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGHdzIa7hgppFFGLt6VKEHU%26google_cver%3D1

Request Chain 127

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MjU2OTQ4OTc2NzUyMDMyNA%3D%3D

Request Chain 137

• https://ihg.demdex.net/event?d_event=imp&d_src=13687&d_creative=204821491&d_adgroup=571789008&d_placement=381126129&d_site=4498573&d_campaign=31030698&d_cb=1326208340 HTTP 302
• https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=204821491&d_adgroup=571789008&d_placement=381126129&d_site=4498573&d_campaign=31030698&d_cb=1326208340

Request Chain 139

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10199.fTBoypwkpROJ-dyyz9LVZIJ6LtCf24aMAoplH543p33g342SoVdWRGWTfnFlV011.355JeX1u1T45oJSvKy0AKAxi_zs%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10199.SppJUCUw74E9KXTgTeYinaAExbdIr74IG0bU78SXArMxV3j_DAkICh0c0VVHt7SNuagELHgt1xzD9IMV332xOsJ45L2BETWhX2YPtfjyxs3j6VhqRt3do3VdEExjzorftlnkJcEC9vRDbgbnbdjhKViUnIkoGgV1i7id1v7o2cjxY9Nocnw6FQex7MWTLBlOQN2L-K8JtMCVjvTtLCRJ6IFXOl1oNq6KPzROtLldaiM%2C.ZXdMRdXJ0C_BDsr39iWbEepn2EQ%2C

Request Chain 173

• https://mc.yandex.com/watch/10652806?wmode=7&page-url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3gptgfdbjvkqy3th3k5nmv17%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A306967938810%3Ahid%3A803994826%3Az%3A-480%3Ai%3A20231126113540%3Aet%3A1701027340%3Ac%3A1%3Arn%3A863598430%3Arqn%3A1%3Au%3A1701027340341853637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A2%2C18%2C23%2C20%2C0%2C0%2C%2C527%2C8%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1701027337558%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701027340%3At%3ARising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
• https://mc.yandex.com/watch/10652806/1?wmode=7&page-url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3gptgfdbjvkqy3th3k5nmv17%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A306967938810%3Ahid%3A803994826%3Az%3A-480%3Ai%3A20231126113540%3Aet%3A1701027340%3Ac%3A1%3Arn%3A863598430%3Arqn%3A1%3Au%3A1701027340341853637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A2%2C18%2C23%2C20%2C0%2C0%2C%2C527%2C8%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1701027337558%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701027340%3At%3ARising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response adcity.ru/	113 KB 21 KB	43ms 23ms	Document text/html	149.56.110.20 OVH
General Check archive.org Show headers Download Go to Full URL http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 149.56.110.20 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS 20.ip-149-56-110.net Software nginx/1.8.1 / Resource Hash e3192de0080415b458801d86d57566b98dace35cae179b6a8aa13f78cb5bd9cb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 26 Nov 2023 19:35:36 GMT Server nginx/1.8.1 Transfer-Encoding chunked
GET H/1.1	200 OK	var6.css adcity.ru/styles/	9 KB 9 KB	35ms 19ms	Stylesheet text/css	149.56.110.20 OVH
General Check archive.org Show headers Download Go to Full URL http://adcity.ru/styles/var6.css Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 149.56.110.20 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS 20.ip-149-56-110.net Software nginx/1.8.1 / Resource Hash 7f6f0e52b2832e9872b4a351b86ce620c2e6983424a9bed4b0ad2ba2f2f21d2b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:36 GMT Last-Modified Sat, 17 Jun 2017 16:56:11 GMT Server nginx/1.8.1 ETag "59455f2b-234f" Content-Type text/css Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 9039 Expires Tue, 26 Dec 2023 19:35:36 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.4.1/	69 KB 24 KB	102ms 33ms	Script text/javascript	142.251.163.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f95.1e100.net Software sffe / Resource Hash 2cec78f739fbddfed852cd7934d2530e7cc4c8f14b38673b03ba5fb880ad4cc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 03:21:10 GMT content-encoding gzip x-content-type-options nosniff age 317667 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24177 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 03:21:10 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response adcity.ru/js/	2 KB 2 KB	38ms 20ms	Script application/javascript	149.56.110.20 OVH
General Check archive.org Show headers Download Go to Full URL http://adcity.ru/js/jquery.cookie.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 149.56.110.20 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS 20.ip-149-56-110.net Software nginx/1.8.1 / Resource Hash 8d763bbb72728d89997a71bec572cc0a1b6098555046c1e786713631b72dfcba Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:36 GMT Last-Modified Sun, 17 Nov 2013 21:29:00 GMT Server nginx/1.8.1 ETag "5289351c-7b7" Content-Type application/javascript Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 1975 Expires Tue, 26 Dec 2023 19:35:36 GMT
GET H/1.1	200 OK	jquery.quicksand.1.4.js Show response adcity.ru/js/	19 KB 19 KB	38ms 21ms	Script application/javascript	149.56.110.20 OVH
General Check archive.org Show headers Download Go to Full URL http://adcity.ru/js/jquery.quicksand.1.4.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 149.56.110.20 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS 20.ip-149-56-110.net Software nginx/1.8.1 / Resource Hash ada6def6c2f1b9ca7394c370ae3d001f3993a410d1568d811f3dec1d706e91c6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:36 GMT Last-Modified Wed, 16 Mar 2016 16:12:00 GMT Server nginx/1.8.1 ETag "56e985d0-4a8f" Content-Type application/javascript Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 19087 Expires Tue, 26 Dec 2023 19:35:36 GMT
GET H2	200	videoPreview i.mycdn.me/	7 KB 7 KB	652ms 150ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/videoPreview?mid=6556326109157&type=39&cv=1051&tkn=kM-PxatRKYYJHGiH3IBZcNRDbfk&nocache=1&fn=w_320 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash cf9e6bd837bd0c96cecd92ef8e003e51ca8aaa7fb57d56b0010006d6db761054 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 7402 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H/1.1	200 OK	i.php liveomg.com/img/	6 KB 7 KB	266ms 246ms	Image image/jpeg	185.86.148.45 MAKONIX
General Check archive.org Show headers Download Go to Show image Full URL http://liveomg.com/img/i.php?u=https://c1565z2520.r-cdn.com/public/previews/18706.jpg?dummy=455 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 185.86.148.45 , Latvia, ASN52173 (MAKONIX, LV), Reverse DNS Software nginx/1.8.1 / PHP/5.6.19-0+deb8u1 Resource Hash bb512dfe6cafd661049219b70563bf04631395e21fd88f0afa4ca06042bf0459 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:37 GMT Server nginx/1.8.1 Connection keep-alive X-Powered-By PHP/5.6.19-0+deb8u1 Transfer-Encoding chunked Content-Type image/jpeg
GET H2	200	videoPreview i.mycdn.me/	11 KB 11 KB	517ms 146ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/videoPreview?mid=7217990475566&type=39&cv=834&tkn=V3EvUSLRLTXaYVK6_GA-ER0N4Cw&nocache=1&fn=w_320 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash bc89f9ecfa316804dad40ed4e75a12b6a9697c05bd740cb996b21a89a1657f4a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 11376 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H2	200	u6IcxSyH cget.tango.me/contentserver/download/ZU_Y7gAARszzJ_7lxgoXsQ/	41 KB 42 KB	94ms 27ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZU_Y7gAARszzJ_7lxgoXsQ/u6IcxSyH Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash c0cb1c19b1718d77459339c5d0061b836f2fa60a2496b16afcb175734eadba9b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 19:43:58 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 11 Nov 2023 19:41:35 GMT x-b3-traceid 18c0802a07856cb83e6343f0944 age 85899 etag "1d04bf665063d0a6eac8bd4729bbfb81194135.jpg_42243_1699731695582" x-varnish 295593 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="1d04bf665063d0a6eac8bd4729bbfb81194135.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42243
GET H2	200	2e998b6a-1.jpg imagegw03.twitcasting.tv/image3/image.twitcasting.tv/image159_1/6a/8b/	29 KB 29 KB	571ms 186ms	Image image/jpeg	202.234.44.212 IDCF IDC Frontier...
General Check archive.org Show headers Download Go to Show image Full URL https://imagegw03.twitcasting.tv/image3/image.twitcasting.tv/image159_1/6a/8b/2e998b6a-1.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 202.234.44.212 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP), Reverse DNS i-202-234-44-212.moiip.net Software nginx / Resource Hash 59091509bdb2b44ea08a86954bc0e9c3a47062268a7dfc39b064e44a1ddca317 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=0 last-modified Sun, 26 Nov 2023 17:00:41 GMT server nginx age 6 content-type image/jpeg cache-control max-age=86400 accept-ranges bytes content-length 29190 expires Mon, 27 Nov 2023 19:35:38 GMT
GET H2	200	1f198e495afbcadbf982713d0b86fdf2_b d35pfiizku3sho.cloudfront.net/pp/11560140/	676 KB 677 KB	198ms 119ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/11560140/1f198e495afbcadbf982713d0b86fdf2_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 37aeaefd1f1ce1e9ba9cbce087f21091b3ee6dc037a0b0932ab67eff5dd054ac Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 15:28:52 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 06:42:34 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 20017 x-amz-server-side-encryption AES256 etag "9fd513ee09bffac1b834380d716cbfbf" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 692156 x-amz-cf-id r_MaCLuBORL6MgkSoDk6sC8rfczLtDnrLs-hRe0b2brX5k42zroe4A==
GET H2	200	7274648a320475eeee7c43173280439c_b d35pfiizku3sho.cloudfront.net/pp/11389348/	319 KB 320 KB	141ms 63ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/11389348/7274648a320475eeee7c43173280439c_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 52a7f35da2755cb2444078398406f7dab95a11edd5fa4c7e3a0dd77b82b50d0c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 06:17:18 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Fri, 13 Oct 2023 10:34:51 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 47900 x-amz-server-side-encryption AES256 etag "3f3730320121c812ea5621c6077dbeef" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 326706 x-amz-cf-id FN6uAMOw7gwj0I1YqotHQTj5PzKgkuBJYR0_yUYGH3N9dmDuu28jlA==
GET H2	200	jvoL14J2 cget.tango.me/contentserver/download/ZUxOdAAAKnUbli4POIiGXw/	86 KB 86 KB	118ms 52ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZUxOdAAAKnUbli4POIiGXw/jvoL14J2 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 1397dcfbeba1625445a41e2f4e5ae2c7db29b912d7f5fb8ff4e9855618e1ca9c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:57:59 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Thu, 09 Nov 2023 03:13:57 GMT x-b3-traceid 18c07d88830e1a3c8a2f833423b age 88658 etag "7be032fa57ead8375e36d67e3de0fdf6031357.jpg_88307_1699499637267" x-varnish 361867 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="7be032fa57ead8375e36d67e3de0fdf6031357.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 88307
GET H2	200	e983de75f4527daa76c6d206c54ab2f9_b d35pfiizku3sho.cloudfront.net/pp/12215213/	44 KB 45 KB	193ms 115ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/12215213/e983de75f4527daa76c6d206c54ab2f9_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash c6b36fe1f45a765b2357c327ef01e785308d63837e9ce9f4241b674ab90af9fa Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:24:34 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 14:55:40 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 16544 x-amz-server-side-encryption AES256 etag "264f51b3d7e1c32ef92c28bdce9c994c" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 45474 x-amz-cf-id lLt4MaaNqJMywtJXJOaEdkgE93P-rmIFE5sNFKzOiDeelMNTarydfQ==
GET H2	200	1f52d9d6e6b6d0edf4bf4f33d689df67_b d35pfiizku3sho.cloudfront.net/pp/10752123/	34 KB 34 KB	67ms 42ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/10752123/1f52d9d6e6b6d0edf4bf4f33d689df67_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 40085ffc2b252717808d9f7246ab82b83da6faa78c38b0ce1b746b42544d1bdb Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:17:14 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sat, 18 Nov 2023 19:00:52 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 1104 etag "1b326232107eaa0c3643adcbc8eecd69" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 34656 x-amz-cf-id XZW7MLGj7qJrtJpmLwUgryUeQCakQRFNZ0zfiZa66PJaV5LuqnDf4g==
GET H2	200	xyNGHvpn cget.tango.me/contentserver/download/ZRP8UgAAf8i7CcR8SNVzVg/	70 KB 71 KB	94ms 82ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZRP8UgAAf8i7CcR8SNVzVg/xyNGHvpn Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 03da14031c8977732e76388a9dab8a436c828a64b351b95bb7a1a89b99023683 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 00:10:55 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Wed, 27 Sep 2023 09:56:35 GMT x-b3-traceid 18c08f707ffa769b01d3a17b9ba age 69882 etag "2f86e814b68f4c9c5fb95318b187afa9095635.jpg_72130_1695808595191" x-varnish 1966381 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="2f86e814b68f4c9c5fb95318b187afa9095635.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72130
GET H2	200	4c41e3ed2f694c89dadc2265957af31a_b d35pfiizku3sho.cloudfront.net/pp/4662151/	388 KB 389 KB	88ms 63ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/4662151/4c41e3ed2f694c89dadc2265957af31a_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash d22c63db7e3f60ba6f3412ce89fc721643d0081f36460bc8bb245e47c66e6791 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 02:51:14 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 02:06:25 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 60264 x-amz-server-side-encryption AES256 etag "3853df46c8efae902edaa3f96671aaa9" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 397335 x-amz-cf-id uTbbXGi0H_EhcwnwObYNr9rGe4SM_wff-_8deZzPLjthL-vAca_udQ==
GET H/1.1	200 OK	i.php liveomg.com/img/	15 KB 15 KB	266ms 248ms	Image image/jpeg	185.86.148.45 MAKONIX
General Check archive.org Show headers Download Go to Show image Full URL http://liveomg.com/img/i.php?u=https://c1565z2520.r-cdn.com/public/previews/20079.jpg?dummy=388 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 185.86.148.45 , Latvia, ASN52173 (MAKONIX, LV), Reverse DNS Software nginx/1.8.1 / PHP/5.6.19-0+deb8u1 Resource Hash a0ec6b16849ba79a9cee9ad883d536929b83bd5840afe55a086f500d4071b6f7 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:37 GMT Server nginx/1.8.1 Connection keep-alive X-Powered-By PHP/5.6.19-0+deb8u1 Transfer-Encoding chunked Content-Type image/jpeg
GET H/1.1	200 OK	i.php liveomg.com/img/	14 KB 15 KB	253ms 236ms	Image image/jpeg	185.86.148.45 MAKONIX
General Check archive.org Show headers Download Go to Show image Full URL http://liveomg.com/img/i.php?u=https://c1565z2520.r-cdn.com/public/previews/12.jpg?dummy=632 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 185.86.148.45 , Latvia, ASN52173 (MAKONIX, LV), Reverse DNS Software nginx/1.8.1 / PHP/5.6.19-0+deb8u1 Resource Hash 4a35bf97b79679163120d9455d8a1890a651069f5479ae48bad5c4993673493f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:37 GMT Server nginx/1.8.1 Connection keep-alive X-Powered-By PHP/5.6.19-0+deb8u1 Transfer-Encoding chunked Content-Type image/jpeg
GET H/1.1	200 OK	i.php liveomg.com/img/	11 KB 12 KB	263ms 246ms	Image image/jpeg	185.86.148.45 MAKONIX
General Check archive.org Show headers Download Go to Show image Full URL http://liveomg.com/img/i.php?u=https://c1565z2520.r-cdn.com/public/previews/2301.jpg?dummy=332 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 185.86.148.45 , Latvia, ASN52173 (MAKONIX, LV), Reverse DNS Software nginx/1.8.1 / PHP/5.6.19-0+deb8u1 Resource Hash f57e05c14a7c5d819f66e5b9f00b9ffb71a112308e33e41990d2c2c412040a61 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:37 GMT Server nginx/1.8.1 Connection keep-alive X-Powered-By PHP/5.6.19-0+deb8u1 Transfer-Encoding chunked Content-Type image/jpeg
GET H/1.1	200 OK	i.php liveomg.com/img/	10 KB 10 KB	268ms 251ms	Image image/jpeg	185.86.148.45 MAKONIX
General Check archive.org Show headers Download Go to Show image Full URL http://liveomg.com/img/i.php?u=https://c1565z2520.r-cdn.com/public/previews/2946.jpg?dummy=727 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 185.86.148.45 , Latvia, ASN52173 (MAKONIX, LV), Reverse DNS Software nginx/1.8.1 / PHP/5.6.19-0+deb8u1 Resource Hash 3985b3fc970315c6fe95dafbe64f0850ee0535659570c74f7da06a454b83005b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:37 GMT Server nginx/1.8.1 Connection keep-alive X-Powered-By PHP/5.6.19-0+deb8u1 Transfer-Encoding chunked Content-Type image/jpeg
GET H2	200	video_x.png vk.com/images/video/thumbs/	1 KB 2 KB	413ms 134ms	Image image/png	87.240.132.67 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/images/video/thumbs/video_x.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv67-132-240-87.vk.com Software kittenx / Resource Hash 08e9580b07b418cb8900857eb98c77c043f0e5ffa362cdd3dba40e38874596bd Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-trace-id qSHgIUJA8g-Hetcw3lGmvsb9WXsV6w date Sun, 26 Nov 2023 19:35:38 GMT x-frontend front220004 last-modified Tue, 22 Sep 2020 20:30:00 GMT server kittenx etag "5f6a5ec8-56f" content-type image/png cache-control max-age=604800 accept-ranges bytes content-length 1391 expires Sun, 03 Dec 2023 19:35:38 GMT
GET H2	200	yyuCxxsZlhE.jpg sun9-20.userapi.com/b_D6eljjGp2SORaNNThQJWpWXLipKMzdCXSMiQ/	40 KB 41 KB	398ms 131ms	Image image/jpeg	93.186.227.131 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-20.userapi.com/b_D6eljjGp2SORaNNThQJWpWXLipKMzdCXSMiQ/yyuCxxsZlhE.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.131 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv131-227.vkontakte.ru Software kittenx / Resource Hash 3b6a05ff4ded36f08f32c6008a09e6e2822b70880595f878542d89d010cf1ca2 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 3 request-id 517bdc8d-527d-4204-818b-199be6beaed4 content-length 40992 x-frontend front504110 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 6ff0fa7a58e31a9d9239168d353850256a565cb8a928ccdd09748c89 access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	videoPreview i.mycdn.me/	13 KB 13 KB	553ms 273ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/videoPreview?mid=7186677636901&type=39&cv=2554&tkn=nKEisBvBWR8ZZBiwlCfWpP5TO9Y&nocache=1&fn=w_320 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash 2375b6ad38e9d82cfb3ff4130444dbfb5f4f81d1d84239cacaedb308343c970a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 12846 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H2	200	getVideoPreview i.mycdn.me/	19 KB 19 KB	556ms 277ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/getVideoPreview?id=5352540998343&idx=15&type=39&tkn=Z4fStMN_AMb2qTJSLMy94zxNAUQ&fn=vid_x Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash 8b3ffe8f5bfbfd8528cc347bae78fea597eb3334b1070a6b36c8659ae681de33 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 19620 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H2	200	o8KwnohLTpg.jpg sun9-72.userapi.com/kEIfiXEkFvKC-l1OF8MiKlYHE0nZVkkwySCm7w/	46 KB 47 KB	402ms 132ms	Image image/jpeg	87.240.185.171 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-72.userapi.com/kEIfiXEkFvKC-l1OF8MiKlYHE0nZVkkwySCm7w/o8KwnohLTpg.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.185.171 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv171-185-240-87.vk.com Software kittenx / Resource Hash 37c2fa444c5744ae1568d2674bb8b0d91eff182eaf847ee761de1a539b87c292 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 4 request-id 935c1b98-7ba1-4446-afc3-e8afb91249a6 content-length 47283 x-frontend front220307 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 90421f89712416f282fa5d4e17c3222a56071349d9564930c920a6ef access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	videoPreview i.mycdn.me/	7 KB 7 KB	443ms 163ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/videoPreview?mid=6465801887738&type=39&cv=1575&tkn=oxAwfcGN2imyo1xiOfADz4MUFkU&nocache=1&fn=w_320 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash 2d2c9e2571377c1d5240406e3ec289c9fe2b893c6cfe6f0436c35ab696f6807a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 7096 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H2	200	GDc4PrpLm8U.jpg sun9-58.userapi.com/oRA0NWgPbPQfsOajwqhZCqEBXa22Zke7vw7dYQ/	49 KB 49 KB	411ms 135ms	Image image/jpeg	93.186.227.153 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-58.userapi.com/oRA0NWgPbPQfsOajwqhZCqEBXa22Zke7vw7dYQ/GDc4PrpLm8U.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.153 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv153-227.vkontakte.ru Software kittenx / Resource Hash 971f821a4e69baab046b997a9cf7f7a0b846991c3ebd6dac18b7ca61dfeffea1 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 16 request-id 1bec8b9d-acb5-4807-9f76-b07516ed65d7 content-length 49857 x-frontend front632911 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag a1103435680f6cf41fb0e6a3c2a8590aa1015dadb66647bbbf0edd61 access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	IfilK6o0Bec.jpg sun9-48.userapi.com/D9YE66_ujn9-Jmz70m6C8dD-T46FErYUgl5cJA/	55 KB 56 KB	402ms 132ms	Image image/jpeg	87.240.185.151 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-48.userapi.com/D9YE66_ujn9-Jmz70m6C8dD-T46FErYUgl5cJA/IfilK6o0Bec.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.185.151 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv151-185-240-87.vk.com Software kittenx / Resource Hash 582c6a63f3d7aada9ff24d00427fc9d9197449f0fac98dfc16affb0b722db338 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 2 request-id 3ccf55d4-ea8b-4e6e-a9fe-5d3e655d1a88 content-length 56418 x-frontend front225003 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 0fd604ebafee8e7f7e266cfbd26e82f1d0fe4f8e8512b614825e5c24 access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	V5ZojmFMeaE.jpg sun9-72.userapi.com/MoSeUqnIxEXoHKOfZjArGh8nuFjFEUs0vpQ-nQ/	38 KB 39 KB	308ms 308ms	Image image/jpeg	87.240.185.171 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-72.userapi.com/MoSeUqnIxEXoHKOfZjArGh8nuFjFEUs0vpQ-nQ/V5ZojmFMeaE.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.185.171 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv171-185-240-87.vk.com Software kittenx / Resource Hash 4b53f0f19b40505cb9549cd2fdbe156f75e8f5480c42ff62fe9100973517ae95 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 4 request-id be4f0ddb-0940-4661-be62-b9ac5cbccd27 content-length 39366 x-frontend front220307 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 32849e52a9c8c445e81ca39f66302b1a1f27b858c5114b34be943e9d access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H/1.1	200 OK	249053343_240x135.gif liveimg.afreeca.co.kr/	8 KB 9 KB	548ms 221ms	Image image/jpeg	1.234.43.181 SKB-AS SK Broadba...
General Check archive.org Show headers Download Go to Show image Full URL http://liveimg.afreeca.co.kr:9090/249053343_240x135.gif?1059339041 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 1.234.43.181 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR), Reverse DNS Software / Resource Hash 098d5c6c23a1d6fe0b60295bcbe9d9016ee1f31cd41a828533b45b04955636ef Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 26 Nov 2023 19:35:38 GMT Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Content-Length 8419 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type image/jpeg
GET H2	200	broadcastId=220896088 cdn2.younow.com/php/api/getBroadcastThumb/	166 KB 164 KB	127ms 40ms	Image image/jpeg	18.154.227.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.younow.com/php/api/getBroadcastThumb/broadcastId=220896088 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.154.227.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-154-227-128.iad55.r.cloudfront.net Software nginx / Resource Hash 57d886aa4969414b9e307eb2549cb1c7cb19e26e551126acbe52ddbd1c94b830 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 01 Nov 2023 03:20:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-server-name younow-api-596c49b99b-4wqxj via kong/2.8.4, 1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P5 x-kong-proxy-latency 1 age 2218484 x-cache Hit from cloudfront x-kong-upstream-latency 244 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg cache-control max-age=2595600 x-amz-cf-id -0imModDMnf8xogV9ff8Uq3YhSX0bZZOBdKgPUOVUdh2qKdZ240pAA== expires Fri, 1 Dec 2023 4:20:54 GMT
GET H2	200	sPFDKAmaaYg.jpg sun9-45.userapi.com/NnI6iwj1LEPHRIBxtam1rNGm4xFPUkKp3wMjIg/	45 KB 45 KB	402ms 133ms	Image image/jpeg	87.240.185.148 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-45.userapi.com/NnI6iwj1LEPHRIBxtam1rNGm4xFPUkKp3wMjIg/sPFDKAmaaYg.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.185.148 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv148-185-240-87.vk.com Software kittenx / Resource Hash 66f9b5e4822cdd6b8b47d74141288b2639388e3a99b7839dc0b44c5f96f374bd Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 4 request-id 1b70f9cf-0100-4e00-84b4-be506225669f content-length 45701 x-frontend front225000 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 36723a8b08f52c43c7448071b5a9b5acd1a6e3114f5242a9df032322 access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	1-S9fxFo3zQ.jpg sun9-60.userapi.com/I6O67IVaFUcf0-sNNeVcAEtAMVjtqWCnkL7ICA/	62 KB 62 KB	399ms 131ms	Image image/jpeg	93.186.227.155 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-60.userapi.com/I6O67IVaFUcf0-sNNeVcAEtAMVjtqWCnkL7ICA/1-S9fxFo3zQ.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.155 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv155-227.vkontakte.ru Software kittenx / Resource Hash 050277faff205690c18c7f92adbda9faa082c00549d48b811843676787e238e0 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-frontend front632917 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 request-id 2b453a1f-3079-4e4b-b098-266e5adba3df accept-ranges bytes access-control-allow-headers X-Quic content-length 63460 expires Tue, 26 Dec 2023 19:35:38 GMT
GET H/1.1	200 OK	249062748_240x135.gif liveimg.afreeca.co.kr/	8 KB 9 KB	441ms 221ms	Image image/jpeg	1.234.43.181 SKB-AS SK Broadba...
General Check archive.org Show headers Download Go to Show image Full URL http://liveimg.afreeca.co.kr:9090/249062748_240x135.gif?689672084 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 1.234.43.181 , Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR), Reverse DNS Software / Resource Hash 84b362716215a2553cbbfdcf0b2e118d69125253280f6ae0b7d549d06c6a259f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 26 Nov 2023 19:35:38 GMT Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization Content-Length 8580 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type image/jpeg
GET H2	200	W6_Ue5xssxk.jpg sun9-30.userapi.com/4Yw1fFFaqxVETyGiCU7ovQEqmASZLqifg_YBCw/	33 KB 34 KB	390ms 128ms	Image image/jpeg	93.186.227.141 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-30.userapi.com/4Yw1fFFaqxVETyGiCU7ovQEqmASZLqifg_YBCw/W6_Ue5xssxk.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.141 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv141-227.vkontakte.ru Software kittenx / Resource Hash 59d5f362a44e622eed407f40285cb2e79f27c0b9f02d369299e8043a6f7d1c0f Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 3 request-id 1e7f86bf-de4d-421b-a398-7e4452dc5c04 content-length 34211 x-frontend front501721 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag e18c357c515aab15444f21a2094ee8bd012a9804992ea89f83f6010b access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	vF_pdmgf4V8.jpg sun9-42.userapi.com/SpI3C_yYGH39znWNSfQB4CB2H_FWelcfKHTBnQ/	24 KB 25 KB	391ms 128ms	Image image/jpeg	93.186.227.149 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-42.userapi.com/SpI3C_yYGH39znWNSfQB4CB2H_FWelcfKHTBnQ/vF_pdmgf4V8.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.149 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv149-227.vkontakte.ru Software kittenx / Resource Hash d78a8cd58c054a6d20d7656080851239c842516e8ae515889a8ae962c26b374f Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 13 request-id 48295e56-ed8b-460a-98be-8c559f3057fb content-length 24786 x-trace-id 9__vKUc4ZtV5CF4McXQtf_0PTekEWw x-frontend front632929 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 4a92370bfc98187dfdce758d49f401e020761ff1567a571f2874c19d access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	7QEmgxJW22M.jpg sun9-21.userapi.com/VZvXIiyyCg0s45jILXYrZxNgeUEtb5r-3KMdXQ/	23 KB 24 KB	410ms 135ms	Image image/jpeg	93.186.227.132 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-21.userapi.com/VZvXIiyyCg0s45jILXYrZxNgeUEtb5r-3KMdXQ/7QEmgxJW22M.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.132 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv132-227.vkontakte.ru Software kittenx / Resource Hash e04226019e56bed7aa76db2d09d1685bf7e67c5aee5ea0a5f4ae5a13775079ac Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 4 request-id 34e53aeb-d289-4804-9b79-2620280fca57 content-length 23750 x-frontend front504111 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 559bd7222cb20a0d2ce398c82d762b67136079412d6f9afedca31d5d access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	3GlpklYLg9s.jpg sun9-24.userapi.com/1ySOjWxUJQL8lPsaUF1nEPOtQcgNjGLE8hB_oA/	51 KB 51 KB	411ms 137ms	Image image/jpeg	93.186.227.135 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-24.userapi.com/1ySOjWxUJQL8lPsaUF1nEPOtQcgNjGLE8hB_oA/3GlpklYLg9s.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv135-227.vkontakte.ru Software kittenx / Resource Hash 0eff856ce49a493ac27f7e5e251a548a209db2610546b1a7a72a9f5fb91ba344 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:38 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 3 request-id 1c6ff1e8-6fa3-4076-94f8-7f1314453425 content-length 52076 x-frontend front504114 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag d7248e8d6c542502fc94fb1a505d6710f3ad41c80d8c62c4f2107fa0 access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:38 GMT
GET H2	200	7fa92287ae3c37b104c9bff88cda258c_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	23 KB 23 KB	138ms 33ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/7fa92287ae3c37b104c9bff88cda258c_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 58304cf09a64fad7754f3491d119dcdef3f69b7872fbfa2d414ab7a884e00927 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 00:26:04 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Mon, 20 Nov 2023 23:37:36 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 500975 etag "eb3b7c7427001f34338283304db2675d" x-cache Hit from cloudfront content-type image/jpeg content-length 23194 x-amz-cf-id _Xk6f-Q0b7Mp-nmgEMq5DL9KKc4ElPfY69495mYuBxbhKuq9mPLFXg==
GET H2	200	6605ab45746b7acbfa2418b835b5ddeb_b d35pfiizku3sho.cloudfront.net/pp/11957464/	62 KB 62 KB	38ms 36ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/11957464/6605ab45746b7acbfa2418b835b5ddeb_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash c219e60603771fea823f6c222557b2a0c5e3ec3216e9115ad8ed8af568c4c173 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:34:28 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Fri, 24 Nov 2023 19:20:42 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 87 x-amz-server-side-encryption AES256 etag "e56b30eda47829080165b922415178e2" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 63565 x-amz-cf-id H0kRbzutfqIk8PuxoTiXpjkaDJjnr4IpT_cxJmcWrZ5HsH3DFk7jpA==
GET H2	200	agIxN5ud cget.tango.me/contentserver/download/ZU_XMAAARrzdDRhoMb8yWQ/	51 KB 51 KB	28ms 27ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZU_XMAAARrzdDRhoMb8yWQ/agIxN5ud Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 7a2baada4878efeffc43956fa6b35d5271aecc3979de95fdffa2f16e6d75eae6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 22:02:39 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 11 Nov 2023 19:34:09 GMT x-b3-traceid 18c0881990980e104a25f56d873 age 77579 etag "a97255cad9d8c561b7eb6a8e0dfbb586193409.jpg_52398_1699731249229" x-varnish 492085 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="a97255cad9d8c561b7eb6a8e0dfbb586193409.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52398
GET H2	200	live_user_taylorjevauxwaitingroom-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	15 KB 15 KB	149ms 52ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_taylorjevauxwaitingroom-320x180.jpg?1599580632 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash 36e4c0ae38e78a84ad58e0fa6c9e2501a61348492a2125a107194f9bf3282267 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:34:48 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 50 x-amzn-requestid 09e9e975-c41b-4b14-8141-d05c5ee2e528 x-cache Hit from cloudfront x-amz-apigw-id PBWZwGaJPHcFeRg= content-length 15192 server nginx x-amzn-trace-id Root=1-65639dd7-f83682cd1437624aabd7d243;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id qpjujlEbaE4aV_tJB9Cn2JsLd4v2nwTXJNdgygkzis5MXmli8S1xvA== expires Sun, 26 Nov 2023 19:39:48 GMT
GET H2	200	live_user_mirys-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	7 KB 7 KB	145ms 54ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_mirys-320x180.jpg?213368003 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash b5c8cdefcdb114740c38d1b3770480cdedc17bef8ad7d4729d5f6ae205fd5f5a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:37 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 1 x-amzn-requestid d3658b45-8aa2-4ebc-8c57-43c727cee721 x-cache Hit from cloudfront x-amz-apigw-id PBWhbH3hPHcFkpQ= content-length 6845 server nginx x-amzn-trace-id Root=1-65639e08-e57b648a4c2b68fbaa6e066a;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id aTo73J8CgF7JvbaZkysDfd-U4aJjlYnLQHF_HagaLpieOWFDPOoutw== expires Sun, 26 Nov 2023 19:40:37 GMT
GET H2	200	live_user_memecompilationz-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	7 KB 8 KB	44ms 38ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_memecompilationz-320x180.jpg?9039424 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash 5cdc6a9066e2bf5e9d789233cb3995beb992e1d4fa803dfced60e70c27347f76 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:32:14 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 204 x-amzn-requestid 7a04c922-2300-4609-a04e-2df85e5e8391 x-cache Hit from cloudfront x-amz-apigw-id PBWBxHzQPHcFcbg= content-length 7628 server nginx x-amzn-trace-id Root=1-65639d3e-2e56c6671c15df86c64f7b58;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id 8PHVCpzotdtJcpfHtQs_7VQdUzkmAysgiv67bF2fMyVDyLXt1-kOGA== expires Sun, 26 Nov 2023 19:37:14 GMT
GET H/1.1	200 OK	8e3ad1d5a367a1d6a0cbe5670fec6961_icon.jpeg esx.esxscloud.com/big/liveme/poster/	25 KB 25 KB	68ms 43ms	Image image/jpeg	13.249.39.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://esx.esxscloud.com/big/liveme/poster/8e3ad1d5a367a1d6a0cbe5670fec6961_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 13.249.39.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-22.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 0ce183ada67d6c9469a7c68d960fc05afb44a5c174a851bde08ff91a64ac6bc2 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Tue, 17 Oct 2023 18:13:59 GMT Via 1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront) Last-Modified Mon, 31 Jul 2023 08:12:45 GMT Server AmazonS3 X-Amz-Cf-Pop IAD89-C1 Age 3460900 ETag "a3e19eaf4a55326d54b5912393df6161" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Content-Length 25242 X-Amz-Cf-Id PtHpGqQn1VcbHPH6-_FRaZQXyyEoLihHCp3nNGmQplmPHHthp1BgTg==
GET H2	200	9hSfZuUMcjM.jpg sun9-32.userapi.com/Yr8cgrPfu-yQOyBpSmgIvrYc16gR3JJSTt3w4w/	70 KB 71 KB	418ms 136ms	Image image/jpeg	93.186.227.143 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://sun9-32.userapi.com/Yr8cgrPfu-yQOyBpSmgIvrYc16gR3JJSTt3w4w/9hSfZuUMcjM.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.186.227.143 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv143-227.vkontakte.ru Software kittenx / Resource Hash 6e1627b7cc99d639f1bed7e786f50784c3ea3f42aeaafa5e423c4fbfcc4aebe1 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:39 GMT strict-transport-security max-age=15768000 x-envoy-upstream-service-time 2 request-id e6bc70fe-f3fc-4a79-aec4-9e36a7a86639 content-length 71736 x-frontend front501723 last-modified Thu, 01 Jan 1970 00:00:00 GMT server kittenx etag 62bf1c82b3dfbbec903b20694a6808beb61cd7a811dc92524eddf0e3 access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers X-Frontend cache-control max-age=2592000 accept-ranges bytes access-control-allow-headers X-Quic expires Tue, 26 Dec 2023 19:35:39 GMT
GET H3	200	SSL6o7Js cget.tango.me/contentserver/download/ZLgH2AAAGWjB7hbeLV22nQ/	65 KB 65 KB	86ms 83ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZLgH2AAAGWjB7hbeLV22nQ/SSL6o7Js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash b7c33da323bd01e4fc1028a91c30868e97cbc558cbcd324f5d4d6722db1c76c7 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 23:31:24 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Wed, 19 Jul 2023 15:57:13 GMT x-b3-traceid 18bef130eab31b60b126ef46024 age 504254 etag "648aa5e1070c304c717014acfe163a86155713.jpg_66268_1689782233573" x-varnish 33797 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="648aa5e1070c304c717014acfe163a86155713.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66268
GET H2	200	cfc76a9da10f9b91662f93ab124895e0_b d35pfiizku3sho.cloudfront.net/pp/7730105/	664 KB 665 KB	43ms 32ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/7730105/cfc76a9da10f9b91662f93ab124895e0_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 9ee549ce749f764aa06ff2cae4a50da22ab01559fd5137f0b56fcf298fadf818 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 16:05:22 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sun, 19 Nov 2023 13:53:30 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 12617 x-amz-server-side-encryption AES256 etag "aa7561c6220123656dafee1d866f0494" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 679716 x-amz-cf-id -MnI6vtuC-P-m8WDGDOrO1qfBS3IQHBdJhVkn2wgopetOmfW9bbeqA==
GET H2	200	cover-21b7ef319adf9c54c3eecf361cec60e3_icon.jpeg esx.esxscloud.com/liveme/540x540/	34 KB 34 KB	116ms 105ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-21b7ef319adf9c54c3eecf361cec60e3_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 347ae4e863079327c94a359fe72d46c2f1a8ea417796bbbf1e62bc58d4ab107f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 07:05:51 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 19 Nov 2023 07:05:40 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 649788 etag "c4a69c87164ab0b09bbc489dbd3bf286" x-cache Hit from cloudfront content-type image/jpeg content-length 34891 x-amz-cf-id GfkLhASfmY9v8mDMNOzX9iQl5vPAOoI8_CM-wrx0wW98F34m-2fiMA==
GET H3	200	a4OrC3MS cget.tango.me/contentserver/download/ZUNtPwAA5DgfY81GCk-_8Q/	139 KB 139 KB	32ms 28ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZUNtPwAA5DgfY81GCk-_8Q/a4OrC3MS Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash a3a613001fed87bed500331e059d2e72cddd60c8585af6377752f90374d114e6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 23:43:32 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Thu, 02 Nov 2023 09:34:56 GMT x-b3-traceid 18bef1e27eb75b0fb7f96113fe9 age 503526 etag "cc4e66c9448d8da1a1d30a18cfbbdfc5093456.jpg_142641_1698917696744" x-varnish 2424899 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="cc4e66c9448d8da1a1d30a18cfbbdfc5093456.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 142641
GET H2	200	0465f9dee7efe3c6f0ae7199ae82f7ef_icon.jpeg esx.esxscloud.com/liveme/540x540/	37 KB 37 KB	47ms 37ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/0465f9dee7efe3c6f0ae7199ae82f7ef_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash a6a6b583e41bbc6b30cd55ce2cc4df3f2adbb3d6b6868028775ae31a313ad88f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 06:47:04 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 06:36:47 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 46115 etag "cafde6ae7db50a9b4cbdd82ea83bdf31" x-cache Hit from cloudfront content-type image/jpeg content-length 37810 x-amz-cf-id iODmBW8PCpqrdL7WmFXcnzaNWEfAV-wVnAMvBFYwnf2bZNwR9U4WLQ==
GET H3	200	7wR15Vpg cget.tango.me/contentserver/download/ZRn6oQAArJQBjLFRgQrc4Q/	113 KB 113 KB	64ms 60ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZRn6oQAArJQBjLFRgQrc4Q/7wR15Vpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 9f0d4d9c64671796375dab77488b8990bb3bd60c87a094c3faff81abf7db4c1a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 21:46:01 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sun, 01 Oct 2023 23:02:57 GMT x-b3-traceid 18c08725aa835eda651a2c5d88b age 78577 etag "b8630aab911bd197a741f373daafefd4230257.jpg_115516_1696201377995" x-varnish 984043 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="b8630aab911bd197a741f373daafefd4230257.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 115516
GET H2	200	cover-4a1e817f11be08f3a626aa0c9cc1b533_icon.jpeg esx.esxscloud.com/liveme/540x540/	45 KB 45 KB	68ms 58ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-4a1e817f11be08f3a626aa0c9cc1b533_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 347ca511a51845b79aa8bdafc4f6e551bc9def4ec7fe7a92ebec22497856250f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 19:27:48 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 01 Oct 2023 21:21:42 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 605271 etag "457fe1c03e0cb8d8481966e635c50957" x-cache Hit from cloudfront content-type image/jpeg content-length 45626 x-amz-cf-id cDb8opHUrgnRE4gjZ03uIjxsu0qnt_Rr6JVhE-tQx1ZP7i66OwIXPw==
GET H2	200	live_user_asmr_vietnamese_massage-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	10 KB 11 KB	48ms 38ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_asmr_vietnamese_massage-320x180.jpg?1058241334 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash ef986e6d594534976a72238f4079492b2e4429c197f2b86599cf1f8adddd4c91 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:34:12 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 86 x-amzn-requestid 503bb3b2-39e7-4364-a789-246ea6190e24 x-cache Hit from cloudfront x-amz-apigw-id PBWULFOoPHcFsYA= content-length 10299 server nginx x-amzn-trace-id Root=1-65639db4-e8a976bbd9715d952707a7ce;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id Q9Stf_jRgJJrbixiCyPbF1VSBvlPH77BmhSjUGI6A5rvwLB2bs6LrA== expires Sun, 26 Nov 2023 19:39:12 GMT
GET H2	200	cover-e3c772299f2a2422ab881808a998a67f_icon.jpeg esx.esxscloud.com/liveme/540x540/	36 KB 36 KB	116ms 107ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-e3c772299f2a2422ab881808a998a67f_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 34f228022603430db82e09f0806a7aa8864b6044c8773f01b6e8f4d1e855e469 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 05:36:40 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 05:36:38 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 50339 etag "f96b573eaa3a4d8afb343a55116e8dd4" x-cache Hit from cloudfront content-type image/jpeg content-length 36663 x-amz-cf-id 3VSTf_QOs3uEblraSgRyx-YqGlcf-mBQqdWLwkK34ZEOLVQ0Z1A7Ig==
GET H2	200	cover-ff2c87716256530803512e53cd33344e_icon.jpeg esx.esxscloud.com/liveme/540x540/	49 KB 50 KB	113ms 103ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-ff2c87716256530803512e53cd33344e_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash e2526907b81461483c346277ec4f4467ca3fd43e46da78b059e7162f7cc7723d Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 01:45:51 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 01:44:17 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 64188 etag "47e9f9ec802518a6e9f9d5cc871f7bae" x-cache Hit from cloudfront content-type image/jpeg content-length 50454 x-amz-cf-id -QL4IPHGm_WKyO64PVi543aJqPsaotPPkxHo41xyJtdc9MVMaEiYfQ==
GET H3	200	X6Ij3Ptv cget.tango.me/contentserver/download/ZT19pQAAtkpL_fiqe_h54A/	61 KB 61 KB	41ms 37ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZT19pQAAtkpL_fiqe_h54A/X6Ij3Ptv Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash b7f8b35e7c970e8f66f29d48d3a78f428d6eb2191964393f486850752f4a9d9a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 04:21:33 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 28 Oct 2023 21:31:18 GMT x-b3-traceid 18beaf653646c7ae41caab217d2 age 573245 etag "091768b469df44a1a19adcb6ab057c0b213118.jpg_62268_1698528678121" x-varnish 2851238 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="091768b469df44a1a19adcb6ab057c0b213118.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62268
GET H2	200	cover-3d366a964c89ce7d55cbaf135cf31a02_icon.jpeg esx.esxscloud.com/liveme/540x540/	27 KB 28 KB	115ms 105ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-3d366a964c89ce7d55cbaf135cf31a02_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 4e2ac19da0593a0e015a26225c0617b639a24e140e788271324b6b4129ec34b6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 10 Nov 2023 12:32:23 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Fri, 10 Nov 2023 12:30:29 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 1407796 etag "77b781ff03ae1503a2fe5d66150845b9" x-cache Hit from cloudfront content-type image/jpeg content-length 28098 x-amz-cf-id 03Vg6hVlPQ_YLoWmrdImdpHqAeyo2aPv8GQOf6bbi69xik9BRZL4QA==
GET H3	200	3iaRRa3e cget.tango.me/contentserver/download/ZSTqMAAA_NbR7Qfp_H5cZw/	141 KB 141 KB	58ms 54ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZSTqMAAA_NbR7Qfp_H5cZw/3iaRRa3e Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash c428475e9fafd60d13b71bf9cd68275f2a63e515e927a1ec97de9d92e494fef8 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 22:05:38 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Tue, 10 Oct 2023 06:07:45 GMT x-b3-traceid 18bf911415a68a40993e1a13623 age 336600 etag "e785205c0ce175f6e9ad3a4d6deeb6d5060745.jpg_144556_1696918065386" x-varnish 2687693 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="e785205c0ce175f6e9ad3a4d6deeb6d5060745.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 144556
GET H2	200	23c6d669a5b312f7bca2b8e7994d82a4_b d35pfiizku3sho.cloudfront.net/pp/4625078/	18 KB 18 KB	81ms 72ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/4625078/23c6d669a5b312f7bca2b8e7994d82a4_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 7511406d688c936adaf5910898f3cd2878da2b823f54c2013013eb8162119e9b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 00:14:46 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sat, 18 Nov 2023 16:13:58 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 69653 x-amz-server-side-encryption AES256 etag "a3a8f58a6b5b77220a071eb45e729ea4" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 18275 x-amz-cf-id Sgl2bInE5z_3Kbro4clHd3E6jkpNZW5db8UKEC7Tv03VpEPxfSG-Tw==
GET H2	200	broadcastId=221213233 cdn2.younow.com/php/api/getBroadcastThumb/	159 KB 155 KB	44ms 35ms	Image image/jpeg	18.154.227.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.younow.com/php/api/getBroadcastThumb/broadcastId=221213233 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.154.227.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-154-227-128.iad55.r.cloudfront.net Software nginx / Resource Hash 42d65ccb6231f7694014994216f947ef184947481c088fe72a623206110f37ee Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 06:18:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-server-name younow-api-8688c6596b-q7jwd via kong/2.8.4, 1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P5 x-kong-proxy-latency 0 age 47856 x-cache Hit from cloudfront x-kong-upstream-latency 126 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg cache-control max-age=2592000 x-amz-cf-id 2J2k-KD8thyezxLBp6N1SoOIARuteW3PtF0MCfZJR2NjaptZpEGcOA== expires Tue, 26 Dec 2023 6:18:02 GMT
GET H3	200	OqMQXQrv cget.tango.me/contentserver/download/ZUUjrAAA8dSld1ltOEVEMw/	414 KB 414 KB	96ms 93ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZUUjrAAA8dSld1ltOEVEMw/OqMQXQrv Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash e03060f2b439ab786a413594200d9db2831165d9ddf39bf0eb15b47f8234e5e1 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 21:18:40 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Fri, 03 Nov 2023 16:45:33 GMT x-b3-traceid 18bf3bfe05369147002bddd2926 age 425818 etag "719d5a8d34234f34e2c2a4c67670987f164533.jpg_423942_1699029933603" x-varnish 1671903 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="719d5a8d34234f34e2c2a4c67670987f164533.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 423942
GET H2	200	9bfe381666dd4cd206161de0e4b04259_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	51 KB 52 KB	115ms 106ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/9bfe381666dd4cd206161de0e4b04259_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 727558ff694b14aecf4d6e79ad7138e0829c380b614deece469d3fda88da2127 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 04 Nov 2023 11:39:00 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Thu, 31 Aug 2023 17:01:32 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 1929399 etag "5c44fc51a1dfaac13c4f81c8ee36a9bd" x-cache Hit from cloudfront content-type image/jpeg content-length 52433 x-amz-cf-id kqm3yXXFCywt9lkxQWc_qc7bu_NylElcvHxJNVCECLV54oqoHnlp3A==
GET H2	200	live_user_ijenz-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	14 KB 15 KB	51ms 42ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_ijenz-320x180.jpg?1710470203 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash ffd82225284a1ba938fe0937df7ba191b1464b84aa09c551b15a8e09b50bd33e Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:30:46 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 292 x-amzn-requestid aff53cff-949b-49fc-b6e4-8cd7764aa55b x-cache Hit from cloudfront x-amz-apigw-id PBVz4EaQPHcFUwA= content-length 14842 server nginx x-amzn-trace-id Root=1-65639ce5-a9644196414612c83d0ef336;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id vuhAbq-5X3jk4Khok2a4ZKH242a2XfekeLnPzHuai5vUQtmhS97JUQ== expires Sun, 26 Nov 2023 19:35:46 GMT
GET H2	200	cover-3ddee4c70fc0fa30aec53a32dd2da108_icon.jpeg esx.esxscloud.com/liveme/540x540/	30 KB 30 KB	115ms 106ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-3ddee4c70fc0fa30aec53a32dd2da108_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 7166310dd80fb467b4aa5a176c9383ca0279b75354041f5e1f7711f3d9cad5eb Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 18 Nov 2023 23:56:40 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sat, 18 Nov 2023 23:56:03 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 675539 etag "0540e266da20bac0740540862530a964" x-cache Hit from cloudfront content-type image/jpeg content-length 30876 x-amz-cf-id 7qEnDVT69dRDFlx5v0_2E1-zo-CHkxBtYQ-edrGWegikjkRM0hgfLw==
GET H3	200	thumbnail cget.tango.me/contentserver/download/ZTRGNgAAb4dJw0HoPAE1MA/CKesZgIL/	4 KB 4 KB	98ms 95ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZTRGNgAAb4dJw0HoPAE1MA/CKesZgIL/thumbnail Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 375d921740b46905195539a8f3fe6bdd4b64722e9b26a99fb903abefed4079d5 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 23:44:00 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 21 Oct 2023 21:44:24 GMT x-b3-traceid 18bef1e971c4fe6c50792b33d6c age 503498 etag "f90ba2ec6d61178f91f9549151e66ae5214424_4.jpg.jpg_4073_1697924664263" x-varnish 1705216 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="f90ba2ec6d61178f91f9549151e66ae5214424_4.jpg.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4073
GET H2	200	cover-f5ceb8faab57ff5ef489d01cd94a3a01_icon.jpeg esx.esxscloud.com/liveme/540x540/	32 KB 32 KB	115ms 106ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-f5ceb8faab57ff5ef489d01cd94a3a01_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 18fefa9ff6bf51889491b4923d4cec41bb0af6361293bf5f7c8311f2c9268c36 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 18:02:42 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 18:02:37 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 5577 etag "938549cc8b554e3b81489e7f7461f37b" x-cache Hit from cloudfront content-type image/jpeg content-length 32490 x-amz-cf-id YWDNg9-A4_mBoI5jb7iopLERFeOUfq_O2K3uLDjP9iYKG0tECKfF1Q==
GET H2	200	561430218ab8f40ff1e88fb72f7e1478_b d35pfiizku3sho.cloudfront.net/pp/11259141/	483 KB 484 KB	80ms 71ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/11259141/561430218ab8f40ff1e88fb72f7e1478_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 2012b4304b673f13f220aec4b0101302cea0946468c0b8ac49e6166c61c4f846 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 11:11:32 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Wed, 22 Nov 2023 12:07:10 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 30247 x-amz-server-side-encryption AES256 etag "df76813cf2b08592549fc68cef09cd6a" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 494844 x-amz-cf-id R-K_GsWuAUE4mwJ98tRBg5Mz-ri1TrPpz4Oj_rnhvTzNxkMeRfpwpQ==
GET H2	200	live_user_lakomka_tv-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	13 KB 13 KB	58ms 50ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_lakomka_tv-320x180.jpg?300820292 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash bb3b57ade886a3daa4bca039609fed93391c6d30cb5be66fb6798379c0fddd1d Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:34:59 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 38 x-amzn-requestid 2409b108-f9d5-4d74-b1b2-d5674f71b499 x-cache Hit from cloudfront x-amz-apigw-id PBVv5HIkvHcFqlQ= content-length 12899 server nginx x-amzn-trace-id Root=1-65639ccb-bdf53b5431ab8ccdee5691aa;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id 4tL3XJlIcxj_G4jwlqieTEogNc-0rRnW-JrOxj0X9l80KEPTvITY_g== expires Sun, 26 Nov 2023 19:39:59 GMT
GET H3	200	kKdrn2gO cget.tango.me/contentserver/download/ZUPgjAAA5-VVCLX3tPRTcw/	61 KB 61 KB	98ms 93ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZUPgjAAA5-VVCLX3tPRTcw/kKdrn2gO Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash dfdce89f8ba0404823029568c29a2c2a9c2e4e0c090adc5b72df9210d536d41b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 04:07:07 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Thu, 02 Nov 2023 17:46:52 GMT x-b3-traceid 18beae91ef072488678fc53208 age 574111 etag "1e333668c6040d4f922c0ac58a5ad111174652.jpg_62318_1698947212805" x-varnish 590868 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="1e333668c6040d4f922c0ac58a5ad111174652.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62318
GET H2	200	843327d697f0c7f27b6626683dfae8e6_b d35pfiizku3sho.cloudfront.net/pp/9242032/	46 KB 47 KB	79ms 71ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/9242032/843327d697f0c7f27b6626683dfae8e6_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash be8324d3cd7a09e64ec8ebf9348f50f70520389352839b10575ca87cd1fb8257 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 18:00:44 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Tue, 23 May 2023 23:40:14 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 5695 x-amz-server-side-encryption AES256 etag "ab81b393200954e8e937dcc1c77134ae" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 47376 x-amz-cf-id iGY28FczcBS9UUabzGILwRm1rlqDO-h9urClir122nCDD2ci4R5iPA==
GET H2	200	4a864a3d4f437a7a698bc045df9dfe0a_b d35pfiizku3sho.cloudfront.net/pp/6680971/	324 KB 325 KB	79ms 71ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/6680971/4a864a3d4f437a7a698bc045df9dfe0a_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash e2f5e12e9196ce7e35708e90fe3245ef366092252647615a267e931590d9fb20 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 18:18:37 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Wed, 11 Oct 2023 02:07:31 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 5113 x-amz-server-side-encryption AES256 etag "baa2aff0cda7203cff5110d26fa9278c" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 331565 x-amz-cf-id M5hmQnHFcXH-A_Iv_IBBTNFdRo--i-rYJrHEEvKpC-Hmhx2Gs3VYyA==
GET H2	200	live_user_kolyanfromperm-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	12 KB 13 KB	77ms 70ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_kolyanfromperm-320x180.jpg?1103519825 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash 22e8a23cea13a8a658aaf2aadc55e87f94c6ce5a408651a1c27126d2bb5e0dff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:01 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 37 x-amzn-requestid 50d8d200-0922-4de4-8ce5-845cff5a2005 x-cache Hit from cloudfront x-amz-apigw-id PBWbuFlLvHcF61Q= content-length 12760 server nginx x-amzn-trace-id Root=1-65639de4-45dbec2c4862404bd6614e74;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id hDvv0yfTqOHdIRGY42-ogC2P3b24hGTsrxq0WbYe4xqDWmnxCFoWqA== expires Sun, 26 Nov 2023 19:40:01 GMT
GET H2	200	broadcastId=220954685 cdn2.younow.com/php/api/getBroadcastThumb/	214 KB 207 KB	71ms 64ms	Image image/jpeg	18.154.227.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.younow.com/php/api/getBroadcastThumb/broadcastId=220954685 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.154.227.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-154-227-128.iad55.r.cloudfront.net Software nginx / Resource Hash 352b35fadcfa386272635541d638b67a264d931bfcac7247700b09d8d4dfd063 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 30 Oct 2023 19:59:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-encoding gzip x-server-name younow-api-5c88dffb5d-m9598 via kong/2.8.4, 1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P5 x-kong-proxy-latency 0 age 2331363 x-cache Hit from cloudfront x-kong-upstream-latency 251 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg cache-control max-age=2595600 x-amz-cf-id 98WDGOBu2J6sbbgr0SUk2VJBF5rCOodEvTqp59r9bJH-JAwJrzJ2Yw== expires Wed, 29 Nov 2023 20:59:35 GMT
GET H2	200	getVideoPreview i.mycdn.me/	16 KB 16 KB	154ms 146ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/getVideoPreview?id=5847060449841&idx=13&type=39&tkn=SjZ8rY6UQG0x5rIjKshwyRVqqQ0&fn=vid_x Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash 7e5b56df3355cfaad8cf3fb4abfdb9e4aa7a0041d8b70533fc4abc7b9e371fe9 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 15896 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H3	200	IuZNbQLg cget.tango.me/contentserver/download/ZRAkZAAAY4RH4sjCIBTgjA/	53 KB 53 KB	105ms 100ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZRAkZAAAY4RH4sjCIBTgjA/IuZNbQLg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash b4297c21d1090940937b4ada3ecce2488a47c5702e5b3058d3cf8154877c89f3 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 21:55:31 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sun, 24 Sep 2023 11:58:29 GMT x-b3-traceid 18bf907fba3bbcf71134e173bc3 age 337207 etag "b0561efbb548d0da7e9fdf42fdf0e689115829.jpg_53834_1695556709868" x-varnish 394292 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="b0561efbb548d0da7e9fdf42fdf0e689115829.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53834
GET H2	200	live_user_onlain4ikoff-320x180.jpg static-cdn.jtvnw.net/previews-ttv/	11 KB 11 KB	45ms 38ms	Image image/jpeg	99.84.220.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static-cdn.jtvnw.net/previews-ttv/live_user_onlain4ikoff-320x180.jpg?1085918666 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.220.163 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-220-163.iad79.r.cloudfront.net Software nginx / Resource Hash 1ec7b9773953a565b27e78d09bae718e5e114588c23f00261b2aca966acb8428 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:34:28 GMT via 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C1 age 70 x-amzn-requestid e92cbacf-3fe7-4fd1-9290-de98b8269414 x-cache Hit from cloudfront x-amz-apigw-id PBWWsHXiPHcF6aQ= content-length 10829 server nginx x-amzn-trace-id Root=1-65639dc4-dd5e08352fc5fa9ea305ddb4;Sampled=0;lineage=52d5fd54:0 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=300 timing-allow-origin https://www.twitch.tv x-amz-cf-id OsBIaI0Ks9rZYwQ6HgYZHguf_K0ccMju7bB1cGsho4qG4aXvi1NG3A== expires Sun, 26 Nov 2023 19:39:28 GMT
GET H2	200	cover-b4242b03230c47343392caabcb02fdba_icon.jpeg esx.esxscloud.com/liveme/540x540/	30 KB 30 KB	113ms 106ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-b4242b03230c47343392caabcb02fdba_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 4bf286711bc56a427b7472288b1234c75f2b5a892a17a9ae2f4f131e9e0aa5a3 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 18:58:02 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 18:57:24 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 2257 etag "ba3b934b7058e78df73aceee938371e1" x-cache Hit from cloudfront content-type image/jpeg content-length 30521 x-amz-cf-id IOfBu-E_EuGc94oTnQoum3_EEojtywXxiA24VPU0MIZshm9yeYHLjQ==
GET H/1.1	200 OK	a040fb31c692b3ff9793732ee2ee1a7b_icon.jpeg esx.esxscloud.com/big/liveme/poster/	53 KB 54 KB	63ms 45ms	Image image/jpeg	13.249.39.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://esx.esxscloud.com/big/liveme/poster/a040fb31c692b3ff9793732ee2ee1a7b_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 13.249.39.22 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-22.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 3a695d992aa0f79c64d673e16851cab02a2a1611bde53c5fdad8b7a454e26102 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 05 Nov 2023 02:06:27 GMT Via 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront) Last-Modified Thu, 06 Jul 2023 20:11:26 GMT Server AmazonS3 X-Amz-Cf-Pop IAD89-C1 Age 1877352 ETag "d7d6a94a76305b1bca23447e04658d8a" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Content-Length 54463 X-Amz-Cf-Id qy-bjqQZlVNLkYmMNxVzD1Y5O1OEEFFQvG8u71iEIh_5LvFMEhxE_w==
GET H2	200	07d8485ec97d08e6a2a821575caa65a1_b d35pfiizku3sho.cloudfront.net/pp/8965028/	529 KB 530 KB	86ms 81ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/8965028/07d8485ec97d08e6a2a821575caa65a1_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash d7b19f87aee293d7d29b67d50d8e5ae844865757f29dda1086be5e9fe5db3bc6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 09:55:28 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 09:01:46 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 34811 etag "d26400822e355ec9d7f46cd02d1bad85" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 542079 x-amz-cf-id dXOy69oYrhowZilbBAfcoeQjuzMjfqC-TxzUVaVOnBGIjVr_rSELiA==
GET H2	200	adad25f573beb3854045a659bcb8a6e9_b d35pfiizku3sho.cloudfront.net/pp/7247078/	515 KB 516 KB	86ms 81ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/7247078/adad25f573beb3854045a659bcb8a6e9_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 1ca1c592d70c2d84ada5ff240af3c09a66330133c5c4745159f3f7e27c0d2fa1 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 13:25:16 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Thu, 16 Nov 2023 10:36:01 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 22223 etag "3c467383c22625f98063fb5b3890ce9c" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 527814 x-amz-cf-id xxivrh8wSiA0JTJ4BlUyWbbuGMYLNu2tx5jHAMCZLUAA1hH3yocDwA==
GET H2	200	a54782114a68d58e65a71bc8763c8cd3_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	30 KB 31 KB	144ms 139ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/a54782114a68d58e65a71bc8763c8cd3_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash e36986fac5cfbfa9a4c98c182babc411cfb8f0ee7a706df4624fa5214dab1f07 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 05 Nov 2023 21:35:05 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Mon, 09 Oct 2023 22:25:33 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 1807234 etag "8e4753de9b6247070b94337664e47b94" x-cache Hit from cloudfront content-type image/jpeg content-length 31119 x-amz-cf-id s8mckzD84It_jhqnBuFo4b3AurA6rLt9Wd1NKO3zcCUADFs67Q2xPw==
GET H2	200	getVideoPreview i.mycdn.me/	17 KB 17 KB	155ms 150ms	Image image/webp	5.101.40.2 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.mycdn.me/getVideoPreview?id=5795973827308&idx=9&type=39&tkn=7C3ls84WLvmfL4nku-3HxuobuJs&fn=vid_x Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.40.2 , Netherlands, ASN47764 (VK-AS, RU), Reverse DNS Software apache / Resource Hash 2eec07b96b7ffb8e89352436fb33eae5ef335b16cdc0cfe8a2e567c12264a6ec Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ok-image ?1 date Sun, 26 Nov 2023 19:35:38 GMT last-modified Wed, 27 Sep 2023 19:35:38 GMT server apache etag "686897696a7c876b7e" content-type image/webp access-control-allow-origin * cache-control private, max-age=100000000 accept-ranges bytes timing-allow-origin * content-length 17628 expires Thu, 22 Aug 2024 19:35:38 GMT
GET H3	200	Tx6Bktfx cget.tango.me/contentserver/download/ZU7kwgAAP28n46qiexep1g/	64 KB 64 KB	104ms 100ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZU7kwgAAP28n46qiexep1g/Tx6Bktfx Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 3f50e815816048e96eccd100fed8374a438156bcd278581678815d466a329282 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 20:33:17 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 11 Nov 2023 02:19:47 GMT x-b3-traceid 18c082fc563ae986a69759d0505 age 82941 etag "7c608f6e1cf3c4bdab1c7f1dba0ebafe021946.jpg_65194_1699669187071" x-varnish 2031988 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="7c608f6e1cf3c4bdab1c7f1dba0ebafe021946.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65194
GET H3	200	OOZsrefb cget.tango.me/contentserver/download/ZEwp7QAAOFv_chrY3qYQ3Q/	108 KB 108 KB	116ms 112ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZEwp7QAAOFv_chrY3qYQ3Q/OOZsrefb Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 8fbb0a85a1690e6f7fb50b837d541acd16f91581e79f8e1568608b93a3b297d6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 20:26:34 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Fri, 28 Apr 2023 20:17:50 GMT x-b3-traceid 18c030342a1af1c0301fd59aee age 169744 etag "ad41aca9f118f66fb5d9ecc3c5f9f839201750.jpg_111003_1682713070592" x-varnish 885562 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="ad41aca9f118f66fb5d9ecc3c5f9f839201750.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111003
GET H2	200	26fbfa2cfdce5ebfdb9dc6cc14511aa7_b d35pfiizku3sho.cloudfront.net/pp/11624488/	473 KB 474 KB	83ms 78ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/11624488/26fbfa2cfdce5ebfdb9dc6cc14511aa7_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 8d7fb5fb28e2121ab9a3f16d44e63eee145f90839611b3accb76b8d66e356de1 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 00:26:32 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 17:47:31 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 68947 x-amz-server-side-encryption AES256 etag "88c7b1a13ecacdaf7625d239b35e551f" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 484147 x-amz-cf-id ijjuQa1udSpRTPvBzuSGpR_rYwIJVmZkHXacKzFaYPBPdaLVWsbLig==
GET H2	200	fe0ca42bdd117b1aa7fea55e520d3435_b d35pfiizku3sho.cloudfront.net/pp/8757503/	234 KB 235 KB	86ms 81ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/8757503/fe0ca42bdd117b1aa7fea55e520d3435_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 8a4e3843302fa60aa21333a6b4545c3a18a6562f7b3d699acd7e6e6d506391ba Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 14:56:23 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 14:54:43 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 16787 x-amz-server-side-encryption AES256 etag "43b1a344cb151679f04720cd9fa367e2" vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 239774 x-amz-cf-id xZ82qAHk44M5mX4UnfVTgqbiqDIaj1B33plPaWah4cViiqMaBmwSJg==
GET H2	200	4bbb0b1ac7e10800a776690fd949cffa_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	15 KB 16 KB	144ms 140ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/4bbb0b1ac7e10800a776690fd949cffa_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 93db3821c77818b578d58c70c7ab47136bc275468b5ed1c26d5bcf378c5248df Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:03:27 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Fri, 17 Nov 2023 07:03:26 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 822732 etag "4f669c4eb8eaad433d1ddc7d608ab8a3" x-cache Hit from cloudfront content-type image/jpeg content-length 15593 x-amz-cf-id GsIn9k1-tg9eFzU_l7Y5GXx6Pqt76l9jt_AOchDe1h0uCTb8U0GXgA==
GET H2	200	90fdddae0b20b0bdd8f5cecb3ae69388_icon.jpeg esx.esxscloud.com/liveme/540x540/	38 KB 39 KB	135ms 131ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/90fdddae0b20b0bdd8f5cecb3ae69388_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 42276403f4fc34c15c0c88f93526d86f8c3ff5b5458ae6540e80156356ab9a4f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 16:20:34 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 16:20:33 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 11705 etag "de90b1dcea5d6e35fd9f48feec30e8f4" x-cache Hit from cloudfront content-type image/jpeg content-length 39171 x-amz-cf-id y7mywaTq-hjkBmipia3WNwHA_7A2ilDaQUMBPl07mUKJdW15gRkZuw==
GET H3	200	lEKrxm9Z cget.tango.me/contentserver/download/ZRTxPQAAh0Ip1SiuRck4rA/	225 KB 226 KB	122ms 118ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZRTxPQAAh0Ip1SiuRck4rA/lEKrxm9Z Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash dfa283c918a9f012c87be3e6c649b434958b53f5d8adc720677e0b768188b9f7 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 21:59:50 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Thu, 28 Sep 2023 03:21:34 GMT x-b3-traceid 18bf90bf07ab2e304b405da6303 age 336948 etag "745aa7bb73dd9d5e4e422ac0aacd6e1f032134.jpg_230861_1695871294538" x-varnish 295175 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="745aa7bb73dd9d5e4e422ac0aacd6e1f032134.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 230861
GET H3	200	EVFU0LgS cget.tango.me/contentserver/download/ZU_bmgAARuk1AnHwwlww2Q/	147 KB 147 KB	125ms 122ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/ZU_bmgAARuk1AnHwwlww2Q/EVFU0LgS Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash 614c6ab0d3d7f898d654023080a44d10648805d14c523dcb264b67b4d3c192b8 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 22:25:07 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 11 Nov 2023 19:52:59 GMT x-b3-traceid 18c08962b445ecf9ebef7a719ad age 76231 etag "1b54f739f082b305fd441074931e4aea195259.jpg_150694_1699732379913" x-varnish 1541062 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="1b54f739f082b305fd441074931e4aea195259.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 150694
GET H2	200	cover-d240709c9bb2891de7787e5955f52536_icon.jpeg esx.esxscloud.com/liveme/540x540/	27 KB 27 KB	138ms 134ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-d240709c9bb2891de7787e5955f52536_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 1152698a8ec4129a809ca4b6a7ab1e1c8b696e4bab01373c7ac6c4280bd0b42f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 26 Oct 2023 19:39:02 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Tue, 17 Oct 2023 17:30:42 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 2678197 etag "bd863575a3e4db7a8cd7bc4a1f9eea89" x-cache Hit from cloudfront content-type image/jpeg content-length 27564 x-amz-cf-id 84D-e1ukeaWmVv45CZmFNNSSAj71g5AMZ8p9LsiUDpf-4x4f_STz2g==
GET H2	200	cover-17eaa23efd5407aad03800ceb638dd98_icon.jpeg esx.esxscloud.com/liveme/540x540/	37 KB 37 KB	144ms 140ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-17eaa23efd5407aad03800ceb638dd98_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash d34bccf60533b8b1e2c76c98123784156fc6d659228591b48b2cb137a912630b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 06 Nov 2023 19:28:47 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Mon, 06 Nov 2023 19:28:43 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 1728412 etag "4b755f7c2518fdf5f9ad939050863149" x-cache Hit from cloudfront content-type image/jpeg content-length 37617 x-amz-cf-id zG_dQKxYQAgnRVxpNIZgwrl3iSzCwo2U09E8FSTiscBmbMHfovZ8-w==
GET H2	200	cover-57a85cf35e4f143799f027d3f3e1e715_icon.jpeg esx.esxscloud.com/liveme/540x540/	58 KB 58 KB	144ms 140ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-57a85cf35e4f143799f027d3f3e1e715_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 6ae58232b6c5f428ee327f331fda9c0755b4467cb2e80751ef0f6ba28d403343 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 11:50:23 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Fri, 17 Nov 2023 11:50:09 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 805516 etag "d3d416f30f8e2c42f03ce318224f6c25" x-cache Hit from cloudfront content-type image/jpeg content-length 59218 x-amz-cf-id 0vRpjSqeYxqjkWQt8WFwpReUDVLaQhyJJoJWx2vY9DEAXjaAKNx9AA==
GET H2	200	baff75a05927a85fda2ecf708e24e4b6_b d35pfiizku3sho.cloudfront.net/pp/12352104/	521 KB 522 KB	84ms 80ms	Image image/jpeg	18.165.94.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d35pfiizku3sho.cloudfront.net/pp/12352104/baff75a05927a85fda2ecf708e24e4b6_b Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.94.147 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-94-147.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 7f719820d8a2df0dc9e0c062c9daa66e9fe8ddce8cb4153f2eba55635033db9c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:23:01 GMT via 1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront) last-modified Tue, 21 Nov 2023 12:10:02 GMT server AmazonS3 x-amz-cf-pop IAD55-P4 age 758 etag "f9e9676c964c074d3e9f5f33c253eb01" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 533914 x-amz-cf-id RuKR_g0VS9ffRvF0GcfWyMV4-w57OH4sGTmCgDILBEQpur5p0AgB_Q==
GET H3	200	jNmc8Mw6 cget.tango.me/contentserver/download/Yj8u4AAAAqXT_WqywSrksQ/	134 KB 134 KB	132ms 129ms	Image image/jpg	34.149.255.147 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cget.tango.me/contentserver/download/Yj8u4AAAAqXT_WqywSrksQ/jNmc8Mw6 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 34.149.255.147 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 147.255.149.34.bc.googleusercontent.com Software / Resource Hash aeaebdcca284d9b6f64720bb2fe016dba9723faa9ff46f68e5f4cfb8f379e585 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 23:31:05 GMT via 1.1 varnish (Varnish/6.0), 1.1 google last-modified Sat, 26 Mar 2022 15:18:57 GMT x-b3-traceid 18bef12c11d632fa334b810a3fd age 504273 etag "84b08743e56c61794bcb135ee0afef86151857.jpg_137443_1648307937822" x-varnish 2001005 access-control-allow-origin * content-type image/jpg cache-control public,max-age=604800 content-disposition inline;filename="84b08743e56c61794bcb135ee0afef86151857.jpg" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137443
GET H2	200	f6043b8e3ae045545a13a68a9d72f18b_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	38 KB 38 KB	144ms 141ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/f6043b8e3ae045545a13a68a9d72f18b_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash de7ddb8f4f854a111357ca0623e9f15314f97af7ffa9a531983f94432eee5959 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 14 Nov 2023 14:01:50 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Tue, 14 Nov 2023 14:01:50 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 1056829 etag "975966e9f9ad4c2198aa1630bbbe89d8" x-cache Hit from cloudfront content-type image/jpeg content-length 38914 x-amz-cf-id YwL2QNYVLGTFI70Ru-2tIL5SyYxifJxyLk1jp0hnKm8oKGfzViWJlA==
GET H2	200	cover-5c8b67bee9eac95b5fba0e84d29624ff_icon.jpeg esx.esxscloud.com/liveme/540x540/	29 KB 29 KB	139ms 136ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-5c8b67bee9eac95b5fba0e84d29624ff_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash b566f4b3e4dafe4e9e23eff09a3f8630cf031468664176f1c6bc0181b5dc7c07 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:16:09 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Fri, 24 Nov 2023 00:16:06 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 242370 etag "fcf9b75430f0eba9d0025b0789d7f23f" x-cache Hit from cloudfront content-type image/jpeg content-length 29507 x-amz-cf-id 5OiXe5CgAUxJm6J1DGKg8TY6M5KgdChR0R8i0sBMjMV9SsO_OEB5bg==
GET H2	200	bf88ce607d7dbe52393d8220e48815d0_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	62 KB 62 KB	144ms 140ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/bf88ce607d7dbe52393d8220e48815d0_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 5cb9f107ba98e13525f180ee17cea37654535b1f08478344a2566b888bcffc4a Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 05:11:40 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Fri, 24 Nov 2023 04:26:05 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 224638 etag "69d2517213c4bf64244116752a216ae3" x-cache Hit from cloudfront content-type image/jpeg content-length 63194 x-amz-cf-id wUYH_CK0WWrB8fgAxsND1BFGjvWx2TdW8Ucwh9CWCM_5t1BYHbZtZQ==
GET H2	200	a4c0a2e4fd266b5cb0a97d4d982cf695_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	42 KB 42 KB	145ms 141ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/a4c0a2e4fd266b5cb0a97d4d982cf695_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 683e944f1a4364947047984d56e95792eec1de619986b660a01539439e911d64 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 13 Nov 2023 20:34:37 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Mon, 06 Nov 2023 17:08:42 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 1119662 etag "9ae350bcd8c76f2576868bfaff10ed02" x-cache Hit from cloudfront content-type image/jpeg content-length 42631 x-amz-cf-id Wr2Mc8gWsETbUCjBrckvyfDYp46nz3P11C-tp-8KNtiD1oBZNo6Rpg==
GET H2	200	cover-2533781b80b58299961b152848c836eb_icon.jpeg esx.esxscloud.com/liveme/540x540/	18 KB 18 KB	143ms 140ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/540x540/cover-2533781b80b58299961b152848c836eb_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash e1b50944a04a6e9328d41558e980b2d35ab6c339f3368eca346fded1bfe5ba5b Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 22:53:36 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 22:53:32 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 247323 etag "536bec336851468404a10e1accd606e7" x-cache Hit from cloudfront content-type image/jpeg content-length 18180 x-amz-cf-id tOSn6cwXolKip-ZqHrLOdZww0m5Sf_176j9hN54RrlzyWvebb84dUA==
GET H2	200	908f9f0020a6a00dc89eeb83da164a20_icon.jpeg esx.esxscloud.com/liveme/poster/540x540/	39 KB 40 KB	144ms 141ms	Image image/jpeg	13.249.39.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esx.esxscloud.com/liveme/poster/540x540/908f9f0020a6a00dc89eeb83da164a20_icon.jpeg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.249.39.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-249-39-28.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash f120f59ba8e961d57e1f66d8ec761eefb3f0bc487b7723b5b525e4816ace10a1 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 06:33:06 GMT via 1.1 baddfcb4f2a6876b4fcc03bcd62427ee.cloudfront.net (CloudFront) last-modified Sun, 26 Nov 2023 06:33:06 GMT server AmazonS3 x-amz-cf-pop IAD89-C1 age 46953 etag "775ad1859ca0ca7f7f5a3fab2dc35f77" x-cache Hit from cloudfront content-type image/jpeg content-length 40428 x-amz-cf-id VWb-gbKlFGx8qyyyC8ASimXEpT3Y_MKF2BYfGNi3EqcybAR3RIYVgw==
GET H2	200	banner.js Show response velocecdn.com/script/ Redirect Chain http://greatdexchange.com/a/display.php?r=1879615 https://velocecdn.com/script/banner.js?r=1879615	105 KB 36 KB	102ms 38ms	Script text/javascript	104.17.172.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://velocecdn.com/script/banner.js?r=1879615 Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Server 104.17.172.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93fca84f1c50450a379b0583bafe60cf2053a2ab67bc378968b8ff7a88b6b326 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:37 GMT content-encoding gzip cf-cache-status HIT age 689 x-guploader-uploadid ABPtcPpYdgMyvWi5bku_yWBoG2U7IUc-Eote8zJ8_gL5GM6pNE7_iR_tV67w_giFHYX3DO-XAxfxPfeKCmnqCbA8IqKTNKJ07XN4 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Tue, 21 Nov 2023 09:26:36 GMT server cloudflare etag W/"b48e6ae2b21e3be11f21ac4c042f70c3" vary Accept-Encoding x-goog-generation 1700558796163159 content-type text/javascript access-control-allow-origin * x-goog-hash crc32c=OkCa6Q==, md5=tI5q4rIeO+EfIaxMBC9www== cache-control public, max-age=14400 x-goog-stored-content-length 107419 cf-ray 82c4935e3f4736ae-YYZ expires Sun, 26 Nov 2023 23:35:37 GMT Redirect headers Date Sun, 26 Nov 2023 19:35:37 GMT via 1.1 google CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked access-control-allow-methods GET, POST, OPTIONS Content-Type text/html; charset=utf-8 access-control-allow-origin * location https://velocecdn.com/script/banner.js?r=1879615 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F1Y6Bu2mbR4Mju%2Fk2JtKgM3mI7apwaddx7hbwzPq35hV9TClno7JwSDQJj1oOG%2BkarvMR8lHXL9xe75vHD7c5srcCfayKA28pbBAI86A8E24lnd5CqXRaMzadxXqL29KgxaruY%3D"}],"group":"cf-nel","max_age":604800} Connection keep-alive CF-RAY 82c4935d298139e7-YYZ access-control-allow-headers Content-Type alt-svc h3=":443"; ma=86400
GET H2	200	ga.js Show response www.google-analytics.com/ Redirect Chain http://www.google-analytics.com/ga.js https://www.google-analytics.com/ga.js	45 KB 17 KB	111ms 33ms	Script text/javascript	142.251.16.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/ga.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Server 142.251.16.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f101.1e100.net Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 26 Nov 2023 18:04:36 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 5462 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Sun, 26 Nov 2023 20:04:36 GMT Redirect headers Location https://www.google-analytics.com/ga.js Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 55 KB	96ms 77ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 087b5092bdf54870710b8b3b69639489f3d66a506d5d6e0c896bfa54bf6e915c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Length 55546 X-XSS-Protection 0 Server cafe ETag 6284713138799490009 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Expires Sun, 26 Nov 2023 19:35:38 GMT
GET DATA	200 OK	truncated /	125 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7628199521c017d06ce776310bba9e70636025e75d89a293d09dcac49d97f95a Request headers accept-language en-CA,en;q=0.9 Referer http://adcity.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	grey.gif adcity.ru/img/	43 B 350 B	19ms 19ms	Image image/gif	149.56.110.20 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://adcity.ru/img/grey.gif Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol HTTP/1.1 Server 149.56.110.20 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS 20.ip-149-56-110.net Software nginx/1.8.1 / Resource Hash 902feb64d8b6d481ab8ddda06fbebbba4c95dfa9b7936a7beeb197266cd8b846 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:37 GMT Last-Modified Thu, 05 Dec 2013 20:00:00 GMT Server nginx/1.8.1 ETag "52a0db40-2b" Content-Type image/gif Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Tue, 26 Dec 2023 19:35:37 GMT
GET H/1.1	204 No Content	banner.php youradexchange.com/script/	0 0	110ms 85ms	Fetch	172.64.171.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://youradexchange.com/script/banner.php?r=1879615&cbpage=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&cbref=&cbdescription=LiveOMG.com%20is%20real-time%20rating%20of%20LIVE%20broadcasting%20from%20all%20over%20the%20world.%20Popular%20events%20and%20shows.%20Parties%2C%20webcams%20and%20more.%20Become%20an%20eyewitness%20of%20Live%20OMG%20events.&cbkeywords=&cbtitle=Rising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&srs=342b82b14e27a3429758979ff3515abe&atv=38.2 Requested by Host: greatdexchange.com URL: http://greatdexchange.com/a/display.php?r=1879615 Protocol HTTP/1.1 Server 172.64.171.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sun, 26 Nov 2023 19:35:38 GMT via 1.1 google CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare access-control-allow-methods GET, POST, OPTIONS Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nypmVfn2ttCgV9k%2BKoc%2BLZWq5sukjusyZEbZqZ39nWbTJOGnIYEqFreLtEXSeCuubJjQbruvOOt7wFM2YQNty119q0S2nI5E2XWp4b%2F%2B%2BpSt7jg7OfCiPpdBWloMM4L7IsY4bro%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * Connection keep-alive CF-RAY 82c4935f98cb4294-EWR access-control-allow-headers Content-Type alt-svc h3=":443"; ma=86400
GET H2	200	watch.js Show response mc.yandex.ru/metrika/ Redirect Chain http://mc.yandex.ru/metrika/watch.js https://mc.yandex.ru/metrika/watch.js	155 KB 56 KB	585ms 282ms	Script application/javascript	77.88.21.119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Server 77.88.21.119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS mc.yandex.ru Software / Resource Hash f19bfab24c963f68f56cf94be4ed83bc9c40a0cfe6c2652e3c9663f1c0f48dfb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:39 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Fri, 24 Nov 2023 08:37:03 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "656060af-db36" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 56118 expires Sun, 26 Nov 2023 20:35:39 GMT Redirect headers Location https://mc.yandex.ru/metrika/watch.js Content-Length 0
GET H2	200	__utm.gif www.google-analytics.com/r/ Redirect Chain http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1907563267&utmhn=adcity.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rising%20Pe... https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1907563267&utmhn=adcity.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rising%20P...	35 B 198 B	44ms 43ms	Image image/gif	142.251.16.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1907563267&utmhn=adcity.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&utmhid=1577125178&utmr=-&utmp=%2F%3Fsort%3Drising&utmht=1701027338994&utmac=UA-1009467-3&utmcc=__utma%3D227175629.1216368990.1701027339.1701027339.1701027339.1%3B%2B__utmz%3D227175629.1701027339.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=777980528&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Server 142.251.16.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f101.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1907563267&utmhn=adcity.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Rising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&utmhid=1577125178&utmr=-&utmp=%2F%3Fsort%3Drising&utmht=1701027338994&utmac=UA-1009467-3&utmcc=__utma%3D227175629.1216368990.1701027339.1701027339.1701027339.1%3B%2B__utmz%3D227175629.1701027339.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=777980528&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/	400 KB 136 KB	139ms 71ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 7bd9215a38cacd1202aa4e790ca9b86966c3c9cc1fc69624f07ef1a68d69b019 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138496 x-xss-protection 0 server cafe etag 4300314901649077237 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 26 Nov 2023 19:35:39 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame DC58	9 KB 4 KB	101ms 33ms	Document text/html	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 59577 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 03:02:42 GMT etag 16674218716276178799 expires Sun, 10 Dec 2023 03:02:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 14C3	75 KB 21 KB	446ms 445ms	Document text/html	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&adk=1812271804&adf=3025194257&lmt=1701027339&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C212x810_r&format=0x0&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1701027339024&bpp=3&bdt=1418&idt=218&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2158944082333&frm=20&pv=2&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software cafe / Resource Hash 3140f7be63a274194056725c02b20eefe900b57e60239d947d4dca89277a0c9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 21570 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 19:35:39 GMT expires Sun, 26 Nov 2023 19:35:39 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CFA9	104 KB 44 KB	405ms 405ms	Document text/html	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software cafe / Resource Hash 49f60f015615dda6dde9f240c0a4e209f8381c296385f56b19309318a663ab31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 44447 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 19:35:39 GMT expires Sun, 26 Nov 2023 19:35:39 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame CFA9	42 B 174 B	58ms 57ms	Image image/gif	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWlpzcepBeCbFui5J5mp7N_HYck9c3N9ze6U_hBmm0fxkE9j4J6DvqEi5ls-K9kDPB4hvkmbGwB9K9CjQ8YoaOyIPbt_rHt9_7JTiGk1outbwibJc Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 65DF	624 B 246 B	55ms 55ms	Document text/html	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGN-g5v0BMAE&v=APEucNWE6Vnpp6xLZmLtUqBiBgbd8sLui9zajSZdv5rsSx7KqsmjoIjISshiJGsSA4GG98jj0Gvz-7zhcOFsr1spoSE1Qr9Nyg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 19:35:39 GMT expires Sun, 26 Nov 2023 19:35:39 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame CFA9	111 KB 39 KB	105ms 34ms	Script text/javascript	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 03:57:20 GMT content-encoding gzip x-content-type-options nosniff age 56299 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 27 Nov 2023 03:57:20 GMT
GET H2	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame CFA9	7 KB 3 KB	33ms 33ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 14:32:54 GMT content-encoding br x-content-type-options nosniff age 18165 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 10 Dec 2023 14:32:54 GMT
GET H2	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame CFA9	23 KB 9 KB	33ms 33ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 22:52:50 GMT content-encoding br x-content-type-options nosniff age 74569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 09 Dec 2023 22:52:50 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame CFA9	41 KB 14 KB	108ms 39ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 11:56:25 GMT content-encoding br x-content-type-options nosniff age 286754 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 11:56:25 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CFA9	3 KB 1 KB	102ms 38ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 03:19:34 GMT content-encoding br x-content-type-options nosniff age 58565 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 10 Dec 2023 03:19:34 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CFA9	20 KB 9 KB	97ms 34ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 11:14:15 GMT content-encoding br x-content-type-options nosniff age 30084 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 10 Dec 2023 11:14:15 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame CFA9	202 KB 64 KB	104ms 35ms	Script text/javascript	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:39 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 26 Nov 2023 19:35:39 GMT
GET H2	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/	160 KB 55 KB	58ms 58ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 73bc4489f97a100be5550817a09d97f5aea8e5838d0d214277b12d167660242a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:39 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55793 x-xss-protection 0 server cafe etag 17679635119223393505 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 26 Nov 2023 19:35:39 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 65DF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1&C=1	43 B 338 B	52ms 51ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGN-g5v0BMAE&v=APEucNWE6Vnpp6xLZmLtUqBiBgbd8sLui9zajSZdv5rsSx7KqsmjoIjISshiJGsSA4GG98jj0Gvz-7zhcOFsr1spoSE1Qr9Nyg Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbwhqpgGLMptu0uFBvPQevDNW74qQJkI%2B2%2BrGZuRRxZ3Pab06aggDxFfWZBmsaZjDIA9ugW35YWSqw0MWVHOB%2BnibSHGJYaAgnM2gXbBdQKDJboJAKkhH8RVTpPs6xkD2DGvFvOyGHh00Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82c4936a3af37139-YUL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jelxQSYyn5SAR%2FEaDU0pLNPN2N9PhMd%2BqS6iYmln5PmKiA6UmS3GvXcxNsIrHjr%2BrsYg8FHSnJ1cTvzq0GlOyfhA2ateXkbrEqp%2FHZpxGM828j6wlr9iBQZNMjn23lvnHwTS%2FgSiJ%2BfReQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1&C=1 cache-control no-cache cf-ray 82c49369da307139-YUL alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 65DF Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWOeC1iouvXvPbj3xBLylQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1	43 B 772 B	77ms 77ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGN-g5v0BMAE&v=APEucNWE6Vnpp6xLZmLtUqBiBgbd8sLui9zajSZdv5rsSx7KqsmjoIjISshiJGsSA4GG98jj0Gvz-7zhcOFsr1spoSE1Qr9Nyg Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAbSEkqmPwpf%2B5bqvimM1PJet%2FGZ836JAxY%2BiXM0XPAt2jY47693lp%2BiN4kCg5IOLuffUJ7ivTyhCiqi2romW7Ft8nzrgptI73xuMdBxMgxEVvYxVsr2KE8VYy1gE43j9zzzexm3ZXaQEQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82c4936b1e0636fb-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELLBN2ahER1yVMv-sE0XKU0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 65DF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEGHdzIa7hgppFFGLt6VKEHU&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGHdzIa7hgppFFGLt6VKEHU%26google_cver%3D1	43 B 889 B	66ms 65ms	Image image/gif	68.67.160.137 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGHdzIa7hgppFFGLt6VKEHU%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGN-g5v0BMAE&v=APEucNWE6Vnpp6xLZmLtUqBiBgbd8sLui9zajSZdv5rsSx7KqsmjoIjISshiJGsSA4GG98jj0Gvz-7zhcOFsr1spoSE1Qr9Nyg Protocol H2 Server 68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT an-x-request-uuid 7b5379e0-71a7-40f8-96f6-32d2be1a69d7 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.213.80.46; 185.213.80.46; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT an-x-request-uuid c43808a8-0fe9-44d6-8226-cf4d0b8b2f36 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGHdzIa7hgppFFGLt6VKEHU%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 185.213.80.46; 185.213.80.46; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 65DF Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MjU2OTQ4OTc2NzUyMDMyNA%3D%3D	170 B 188 B	46ms 46ms	Image image/png	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MjU2OTQ4OTc2NzUyMDMyNA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXqFBCMwKcBGN-g5v0BMAE&v=APEucNWE6Vnpp6xLZmLtUqBiBgbd8sLui9zajSZdv5rsSx7KqsmjoIjISshiJGsSA4GG98jj0Gvz-7zhcOFsr1spoSE1Qr9Nyg Protocol H3 Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT an-x-request-uuid f5581b9f-34d6-4465-bc42-a6bc1e51ece8 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0MjU2OTQ4OTc2NzUyMDMyNA%3D%3D x-proxy-origin 185.213.80.46; 185.213.80.46; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 17D7	9 KB 4 KB	34ms 33ms	Document text/html	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 39316 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 08:40:23 GMT etag 16674218716276178799 expires Sun, 10 Dec 2023 08:40:23 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame CFA9	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca7130a9a6959345c8a04a72ab4e478a428d85d22097b1f466714471aa683fb2 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 898A	38 KB 13 KB	34ms 33ms	Document text/html	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 300340 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 23 Nov 2023 08:09:59 GMT expires Fri, 22 Nov 2024 08:09:59 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	afr.php Show response ads.us.criteo.com/delivery/r/ Frame E154	222 KB 59 KB	227ms 154ms	Document text/html	74.119.119.65 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.65 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 187e45a0b9f38464253f9c5f354f86fc1d1419a72ce9a879c71590ad2484377f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 19:35:39 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=_m_BVQj6aJKO3VakjNHobec52umAIH20QcjF6f1FusM6qYCBOLAHR6xI4yphoEwcISZIjFiL0CW9d4bAzabMmub6Dn3Zsil7KdZRmkjOrRlBC-kvu9ue3sGBRObJApGetqS29eAWSrObCfa4XoOVKPNxv3hOE4rQbecG5Onsq1i6vWwZbCOE2SgOFOmLuE7zP4jJ1RX5gpH5YWD_Y7KK93H7wITDMMwnkkMzZraCJQIUG6pG1HiGsYgJe8Gg9ct10iO4vw"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 117263422 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 17D7	3 KB 1 KB	37ms 33ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 03:19:34 GMT content-encoding br x-content-type-options nosniff age 58565 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 10 Dec 2023 03:19:34 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 17D7	20 KB 8 KB	38ms 34ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 11:14:15 GMT content-encoding br x-content-type-options nosniff age 30084 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 10 Dec 2023 11:14:15 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 17D7	202 KB 64 KB	38ms 35ms	Script text/javascript	172.253.122.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f156.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:39 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 26 Nov 2023 19:35:39 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	47 KB 9 KB	111ms 39ms	Document text/html	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash ff4a5d02d679eedfb10be63d1f18ddeacbab8e2aecf5a673eaaca55ba63a62c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 536197 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 9510 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 20 Nov 2023 14:39:02 GMT expires Tue, 19 Nov 2024 14:39:02 GMT last-modified Thu, 16 Nov 2023 19:06:45 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame CFA9	0 0	141ms 67ms	Fetch image/gif	172.253.63.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssCcaZ8QhJdpLtL3JM4CDKDhjRfwWN1nQVZ47xdgiR7L_rsWgm0PNxmWHQJTbjv-BkXyeqkNhRnYAH__EzjO--pKFr57j16O-bN8JpphpcATnx3Rkyjt4E21KyjXQi7_Zunuor1FEWRWs9FPZQbM44RpqWZ6fgvwdei4amPIv1Yjv2PIYcjWRLjHNEhfdEdkzGbuGYfYrY-jcm-c7OPIDqqDnWBR_MJlGyd1UwQHCwY7N-c1EA_neA6B1VXWmpQk9jb-bp2VLcITdwfGdhkSPw7SejDoTa-SQaB9kIocUf7ryd8GKnI1gZzQw25MlcFkD7IWw5CduFjxoTZWsQY2B9qyqz_55jkpepjN9cnqwhNm8yhEldWaRM2uL3YPZRg_Z0AsPPFlWNDTjyMF7AOS3cFXpXnPq45aZY5EWyLKJUVgrMy72qQRBPwp2WQ_B2Q5fXB7sdGG5P58x_eHS0mNvQ72uuZI_AqQeFtH-yJv3Ru03XEK3nkj-qkR6eUWBp5hi25p7j-pPT1KIceKF-FkLcwOoxcAECKqAv9sKsdUApUQE60gwKuodfh0AinxbM3P6GY48IiPN_D4pOBrm3p1V8SoAF3y3fNTYwQ3ApmT15rpadDQQY9Wk8jPrs85dyzHktYgJT3z-O02-sy5cZltgWPR1txOXXL5T4TotLjPQRzSnpeVpwJIT8o1-ukmb98NBOB_MApGVO5WTD5g7QQFxfi9wizTAjpA5VRE8ll_8BD5Mmz_9WuFdJBAj00TX2SQf6Omp1S5RuCZHvhPo1-DYNjB9Pa2d4NZ2UOuVjUZvKp0FI_VhbZEJlaGP1F3xFlrRcEo61oy31UarbwAwbiHSM9h-7yqXFGYzaNAy4s4tkpWXVWb2-j54FcqyN2kbYykehMPsc4pOefsx9hqG2_LeAqiKX6ShDlmtzy-dLHgINv35Frf38RU0Xo5_49qKfnQIE_WnH2mB9gOtqOJrtUhePSYqcbdPvvdaFBVLw6MpyZW0ROtrtz4fnoocMoBvLg5rhXV-UNBJ4-y5OWU6G1Z2vP2_ea_lD5fMgtmGKi5OSpZeR788zZD8jXjK_YyfRJ5AUf1Nkmaw8d4DF47LimmvxxhwK4AlzScDnrG2wBmnWsN9n2AQdJEh-W79C_-2-cRH1Gsh8fki6HJmYvVxXbzguZVsgf8rI3tUWnHyomq8Q_l8yGt-oq5mKVlK0MHZLIth8yoye6UT4lqqafsYj1XCVbpEidyYUJ7Ks2KBVuYkFTa4Hvl_2QzELvLsVfAC126oI6PUW3HSg&sai=AMfl-YR_3czdaetaGVjYwwnfVJpXsl6WVK5vx1efhAoK41SoNVMg8UodA2_rBpEM15onBA2ZyqdHyM5mKOSm-AZ2X8gz8xs9uv2LPjCRdzcrTzpmy2Eq46Shn2ngvA-aUdyu6IXBkx2QbFPQtmJd6tBzlH_DfceVOeQ2mN2kidcqJAQ0P5vEUZwwZZ8XYN3Y9PZfH--Bfp_EkXXZbw3S_pwqzESQX8cGr4LDbr77X9186tExtQanbBD_Q0_EfjOGy4hIdeEZdJ-bA9ESRqnVUrmrj5NTeWblvJFNQqHkMIjgBo0k04_uTs1zg6aYzn1jqFlIyFV8POlcRgE2RFiHOXEEbj9RpaQgEAW6Oo83ZP9AQ3Pdm-w7LyOUpX-TJEv-Fxe_PJLxde1JblsR58C7f99tp-8Spmhulym44wbzD2d_M9ICCZy28UfI6xo0u4p1FnEpcP_5-lg9qFLlvjLSzsV0-ECPWqxk38K6Oc_JpyteXopo9434UL120VC_79I5GNnhZC6M4Jv4ohZZ&sig=Cg0ArKJSzL4DM0dXVuD0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9paGcuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&cbvp=1&cstd=170&cisv=r20231109.32983&arae=0&ftch=1&adurl= Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f149.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 26 Nov 2023 19:35:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	firstevent ihg.demdex.net/ Frame CFA9 Redirect Chain https://ihg.demdex.net/event?d_event=imp&d_src=13687&d_creative=204821491&d_adgroup=571789008&d_placement=381126129&d_site=4498573&d_campaign=31030698&d_cb=1326208340 https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=204821491&d_adgroup=571789008&d_placement=381126129&d_site=4498573&d_campaign=31030698&d_cb=1326208340	42 B 716 B	38ms 37ms	Image image/gif	34.228.100.56 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=204821491&d_adgroup=571789008&d_placement=381126129&d_site=4498573&d_campaign=31030698&d_cb=1326208340 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H2 Server 34.228.100.56 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-228-100-56.compute-1.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers dcs dcs-prod-va6-1-v053-0d355a97b.edge-va6.demdex.com 5 ms pragma no-cache date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid xaL5S3m3Rn0= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-va6-1-v053-02e180b4f.edge-va6.demdex.com 0 ms pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid RvLBhgyMRBY= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://ihg.demdex.net/firstevent?d_event=imp&d_src=13687&d_creative=204821491&d_adgroup=571789008&d_placement=381126129&d_site=4498573&d_campaign=31030698&d_cb=1326208340 cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H3	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame 898A	39 KB 15 KB	33ms 33ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 14:24:58 GMT content-encoding br x-content-type-options nosniff age 18641 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 25 Nov 2024 14:24:58 GMT
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10199.fTBoypwkpROJ-dyyz9LVZIJ6LtCf24aMAoplH543p33g342SoVdWRGWTfnFlV011.355JeX1u1T45oJSvKy0AKAxi_zs%2C https://mc.yandex.com/sync_cookie_image_decide?token=10199.SppJUCUw74E9KXTgTeYinaAExbdIr74IG0bU78SXArMxV3j_DAkICh0c0VVHt7SNuagELHgt1xzD9IMV332xOsJ45L2BETWhX2YPtfjyxs3j6VhqRt3do3VdEExjzorftlnkJcEC9v...	43 B 672 B	151ms 150ms	Image image/gif	77.88.21.119 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=10199.SppJUCUw74E9KXTgTeYinaAExbdIr74IG0bU78SXArMxV3j_DAkICh0c0VVHt7SNuagELHgt1xzD9IMV332xOsJ45L2BETWhX2YPtfjyxs3j6VhqRt3do3VdEExjzorftlnkJcEC9vRDbgbnbdjhKViUnIkoGgV1i7id1v7o2cjxY9Nocnw6FQex7MWTLBlOQN2L-K8JtMCVjvTtLCRJ6IFXOl1oNq6KPzROtLldaiM%2C.ZXdMRdXJ0C_BDsr39iWbEepn2EQ%2C Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Server 77.88.21.119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=10199.SppJUCUw74E9KXTgTeYinaAExbdIr74IG0bU78SXArMxV3j_DAkICh0c0VVHt7SNuagELHgt1xzD9IMV332xOsJ45L2BETWhX2YPtfjyxs3j6VhqRt3do3VdEExjzorftlnkJcEC9vRDbgbnbdjhKViUnIkoGgV1i7id1v7o2cjxY9Nocnw6FQex7MWTLBlOQN2L-K8JtMCVjvTtLCRJ6IFXOl1oNq6KPzROtLldaiM%2C.ZXdMRdXJ0C_BDsr39iWbEepn2EQ%2C date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 498 B	165ms 165ms	Image image/gif	77.88.21.119 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.88.21.119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000 last-modified Fri, 24 Nov 2023 08:37:03 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "656060af-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Sun, 26 Nov 2023 20:35:40 GMT
GET H3	200	easepack_3.9.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 5A78	2 KB 1 KB	56ms 55ms	Script text/javascript	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.9.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 0048f10d1c0b4b5fb308afaccdd5999478646b661c4de7a26acea24a63ace0e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1357 x-xss-protection 0 last-modified Wed, 29 Dec 2021 19:08:40 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 26 Nov 2023 19:35:40 GMT
GET H3	200	gsap_3.9.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 5A78	63 KB 25 KB	38ms 38ms	Script text/javascript	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25329 x-xss-protection 0 last-modified Wed, 29 Dec 2021 19:08:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 26 Nov 2023 19:35:40 GMT
GET H3	200	PNG_Logo.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	2 KB 2 KB	54ms 54ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 2c95f3b25bdb709839708a81c46963c5cde48dc08f39a31f6a2da15afeb4e9b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 03:52:28 GMT x-content-type-options nosniff age 229392 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2229 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 23 Nov 2024 03:52:28 GMT
GET H3	200	JPG_Image1.jpg s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	20 KB 20 KB	90ms 89ms	Image image/jpeg	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/JPG_Image1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 80e39ff28f352967f49a3b88facfcc8cd09d174889b547f48cc15d11454a8bc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:02 GMT x-content-type-options nosniff age 536198 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20261 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:02 GMT
GET H3	200	PNG_Legal.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	1 KB 1 KB	89ms 88ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Legal.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 5877e1f55e8c85222c197af7a43f9d3f6b389d614ce538ff5a11027289a53266 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:02 GMT x-content-type-options nosniff age 536198 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1244 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:02 GMT
GET H3	200	PNG_Text1.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	6 KB 6 KB	91ms 90ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 27dae2aaff9d3ec9cfd46359885174f4fd009f049fbb4ef66eb80b3fe2d5d4ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:02 GMT x-content-type-options nosniff age 536198 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6010 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:02 GMT
GET H3	200	PNG_Text2.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	2 KB 2 KB	91ms 89ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text2.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 82b018f7342050bac35a3d8bd2dd8915156a14fab672a4c81d3998dd818556a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:02 GMT x-content-type-options nosniff age 536198 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1818 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:02 GMT
GET H3	200	PNG_CTA.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	187 B 214 B	90ms 89ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_CTA.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 9696b1a90cf9978a4d8f4baa10068d40f220e3b3f61a64b3042971ef519ab2ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 04:14:36 GMT x-content-type-options nosniff age 228064 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 187 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 23 Nov 2024 04:14:36 GMT
GET H3	200	PNG_CTAText.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	1 KB 1 KB	90ms 89ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_CTAText.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 6dd714d0ec7f50c1ac3cda7a6a5540320f196ed797cdf664bddcbcd01486cdf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:02 GMT x-content-type-options nosniff age 536198 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1333 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:02 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame E154	2 KB 1 KB	118ms 51ms	Image image/svg+xml	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Nov 2024 19:35:40 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame E154	2 KB 1 KB	101ms 34ms	Image image/svg+xml	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Nov 2024 19:35:40 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame E154	308 B 637 B	100ms 33ms	Image image/svg+xml	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Wed, 20 Nov 2024 19:35:40 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame E154	293 B 621 B	101ms 34ms	Image image/svg+xml	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Wed, 20 Nov 2024 19:35:40 GMT
GET H2	200	lg.php cat.va.us.criteo.com/delivery/ Frame E154	43 B 348 B	105ms 36ms	Image image/gif	74.119.119.147 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=kEDhvJ4dS91PwVGiqzUXUGpOBT6tNZ5S9JbpTdzADuz438xxGC6TYRZPtA6meSAjnceK-nMhrEckMO8dfPmupcyhPeYL2C8Y4xtaKgRhresCtYpd0JDP277HMQU1Y36cU8GT64GFuKv0JcIW9l0G5rHV4RYqziilJBifpYUsLUZXoREDpea1pfAS5CQFNoqkIwQ3FMBpGzbbYW0bjGvNZqgh1nDWNWt1j7nP_ETB-CIsJHnsvCJA-uIbOxFazSsKANfg14wymX279GMmY8rZklyVTIthC0EQBSpKpVsHNCtUxfQ7n8iZ2jIP0PDiOzbc4bk4VBexCfef__WSWaTI5fuOUmM-4HDhthRnu_qPDiMWQUwsE3IFFSclZ-ro7SZVC0BKaj1_DmB-AzfoFKQf1YJv4AjQRI_JZSgYGKNplUoptZmy Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.147 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:39 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 3356301 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame E154	12 KB 6 KB	87ms 49ms	Script text/javascript	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Nov 2024 19:35:40 GMT
POST H2	200	all csm.us.criteo.net/ Frame E154	0 128 B	353ms 33ms	Ping text/plain	74.119.119.149 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=_m_BVQj6aJKO3VakjNHobec52umAIH20QcjF6f1FusM6qYCBOLAHR6xI4yphoEwcISZIjFiL0CW9d4bAzabMmub6Dn3Zsil7KdZRmkjOrRlBC-kvu9ue3sGBRObJApGetqS29eAWSrObCfa4XoOVKPNxv3hOE4rQbecG5Onsq1i6vWwZbCOE2SgOFOmLuE7zP4jJ1RX5gpH5YWD_Y7KK93H7wITDMMwnkkMzZraCJQIUG6pG1HiGsYgJe8Gg9ct10iO4vw&sds=2&rev=89278&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.149 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame E154	2 KB 1 KB	81ms 50ms	Image image/svg+xml	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Nov 2024 19:35:40 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame E154	2 KB 1 KB	34ms 33ms	Image image/svg+xml	74.119.119.131 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.131 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-CA,en;q=0.9 Referer https://ads.us.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 20 Nov 2024 19:35:40 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 898A	0 20 B	62ms 61ms	Image image/gif	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BErLJC55jZfj2FKWZ4_UPn_O42AkAAAAAOAHgBAI&bg=!paalpunNAAZxrfrxUa07ADQBe5WfOKe56G8Sxt302WRnjTvnhjZNE-QGKfCza1_sCV4OqC4Mt8NkWaUEkU5sVrjPwgM8AgAAAFpSAAAAAmgBBwoAGAuPLuH3O4imGb85gxHWV4MZmq0FninJl5kCzdSYgtujG2-9Gwp7-jLHVh1mfrQLmDYFnqSCOT0EwLzA2_12_EXtQbC6eyG6DdiMZgs1rAHGcFqx6aInuJd8bpWm4xcO3wBtHCdgI8XrgXrR4YLAhoUe-OP-Ftz7O8FuMc2lyAGP3cB9FThhzGy2-yhaR55COt9f7LydJRVaEs3D6yxv8Awt8nnFQwrv-ijqoeR0A_VXHG3MXuHQDTxrsCQ_KOHbLlRewp6diqEh3fC_vDd1b5Th4OzcpMKKFs2HaEosZK2EeUuFjNWqyc4u_VlUy0jhyaLUQPahmFt0knWp2GiiFdavygsGxabk3pmf2UUSPAdqJFb1pTBa6aK5ou3O-U2UwGQLRm8KQyiu-u2WQk_SMwbRaNZMrhnZNf4mDdoNRu7p194JJIxB8_rCG97r0bN3f1Wj-lwQ93AuUawGH8Q9X2VvX6-isXgdH4_eotCP1mw31_nBVQhoAbkEU8G-KnbEP9kldhxaHwXrM0Dz_5Q4Yg_lQoPKo9DaPL2-JtChosq6wIoT5X_GV7wlf601EamCebY4by0bcboj26LnGztXpfhQKHUHq3tVufZ0Kt2DG9TBzurR_YMQAXKUxYapWvqlnt9JzQzCryBcNaNRBMKfRZsSbXuAC4IaZ5UggBlp6rjNkFHliTWu2PtQOmffPFOtFzqTVDBzxORWtVtBXiaqR2CDv7A_1qAVYBFTVT6iMcPXY8AHMvSyfkbwvsPZvmdnqFQ6HWtjkO6IwUjI5vpo-Fxw42x-O_9HPK9HVsFmPfnl6tep9UO-if6RYMBFzeNcfYt59zGH_BqMGZuzv1CB5wmcjxrZVkvWtW_iobnGUxWP04Ma4eUMfbFzuRXPEQ5Nk6jzsRIkdrNFSp3PCdbd_uV7aUW-VVNrJuNW-MMRG4QOmG9vqCoAuVyfKg8pBcRCLpxWxAMOfnK8k_WV0Dky4fjcEm2o8aTCeg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5407861935980605&output=html&h=90&slotname=5077646291&adk=1628790265&adf=371107479&pi=t.ma~as.5077646291&w=728&lmt=1701027339&rafmt=12&format=728x90&url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&ea=0&wgl=1&dt=1701027339027&bpp=1&bdt=1422&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2158944082333&frm=20&pv=1&ga_vid=1216368990.1701027339&ga_sid=1701027339&ga_hid=1577125178&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=19&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079605%2C31079628%2C44795922%2C31078301%2C44807749%2C44807763%2C44808148%2C44808284%2C44809055%2C21065725&oid=2&pvsid=2346674073235954&tmod=1432053483&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view ad.doubleclick.net/pcs/ Frame CFA9	0 0	62ms 61ms	Fetch image/gif	172.253.63.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssCcaZ8QhJdpLtL3JM4CDKDhjRfwWN1nQVZ47xdgiR7L_rsWgm0PNxmWHQJTbjv-BkXyeqkNhRnYAH__EzjO--pKFr57j16O-bN8JpphpcATnx3Rkyjt4E21KyjXQi7_Zunuor1FEWRWs9FPZQbM44RpqWZ6fgvwdei4amPIv1Yjv2PIYcjWRLjHNEhfdEdkzGbuGYfYrY-jcm-c7OPIDqqDnWBR_MJlGyd1UwQHCwY7N-c1EA_neA6B1VXWmpQk9jb-bp2VLcITdwfGdhkSPw7SejDoTa-SQaB9kIocUf7ryd8GKnI1gZzQw25MlcFkD7IWw5CduFjxoTZWsQY2B9qyqz_55jkpepjN9cnqwhNm8yhEldWaRM2uL3YPZRg_Z0AsPPFlWNDTjyMF7AOS3cFXpXnPq45aZY5EWyLKJUVgrMy72qQRBPwp2WQ_B2Q5fXB7sdGG5P58x_eHS0mNvQ72uuZI_AqQeFtH-yJv3Ru03XEK3nkj-qkR6eUWBp5hi25p7j-pPT1KIceKF-FkLcwOoxcAECKqAv9sKsdUApUQE60gwKuodfh0AinxbM3P6GY48IiPN_D4pOBrm3p1V8SoAF3y3fNTYwQ3ApmT15rpadDQQY9Wk8jPrs85dyzHktYgJT3z-O02-sy5cZltgWPR1txOXXL5T4TotLjPQRzSnpeVpwJIT8o1-ukmb98NBOB_MApGVO5WTD5g7QQFxfi9wizTAjpA5VRE8ll_8BD5Mmz_9WuFdJBAj00TX2SQf6Omp1S5RuCZHvhPo1-DYNjB9Pa2d4NZ2UOuVjUZvKp0FI_VhbZEJlaGP1F3xFlrRcEo61oy31UarbwAwbiHSM9h-7yqXFGYzaNAy4s4tkpWXVWb2-j54FcqyN2kbYykehMPsc4pOefsx9hqG2_LeAqiKX6ShDlmtzy-dLHgINv35Frf38RU0Xo5_49qKfnQIE_WnH2mB9gOtqOJrtUhePSYqcbdPvvdaFBVLw6MpyZW0ROtrtz4fnoocMoBvLg5rhXV-UNBJ4-y5OWU6G1Z2vP2_ea_lD5fMgtmGKi5OSpZeR788zZD8jXjK_YyfRJ5AUf1Nkmaw8d4DF47LimmvxxhwK4AlzScDnrG2wBmnWsN9n2AQdJEh-W79C_-2-cRH1Gsh8fki6HJmYvVxXbzguZVsgf8rI3tUWnHyomq8Q_l8yGt-oq5mKVlK0MHZLIth8yoye6UT4lqqafsYj1XCVbpEidyYUJ7Ks2KBVuYkFTa4Hvl_2QzELvLsVfAC126oI6PUW3HSg&sai=AMfl-YR_3czdaetaGVjYwwnfVJpXsl6WVK5vx1efhAoK41SoNVMg8UodA2_rBpEM15onBA2ZyqdHyM5mKOSm-AZ2X8gz8xs9uv2LPjCRdzcrTzpmy2Eq46Shn2ngvA-aUdyu6IXBkx2QbFPQtmJd6tBzlH_DfceVOeQ2mN2kidcqJAQ0P5vEUZwwZZ8XYN3Y9PZfH--Bfp_EkXXZbw3S_pwqzESQX8cGr4LDbr77X9186tExtQanbBD_Q0_EfjOGy4hIdeEZdJ-bA9ESRqnVUrmrj5NTeWblvJFNQqHkMIjgBo0k04_uTs1zg6aYzn1jqFlIyFV8POlcRgE2RFiHOXEEbj9RpaQgEAW6Oo83ZP9AQ3Pdm-w7LyOUpX-TJEv-Fxe_PJLxde1JblsR58C7f99tp-8Spmhulym44wbzD2d_M9ICCZy28UfI6xo0u4p1FnEpcP_5-lg9qFLlvjLSzsV0-ECPWqxk38K6Oc_JpyteXopo9434UL120VC_79I5GNnhZC6M4Jv4ohZZ&sig=Cg0ArKJSzL4DM0dXVuD0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9paGcuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=455&vt=11&dtpt=282&dett=3&cstd=170&cisv=r20231109.32983&arae=0&ftch=1&adurl= Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f149.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	PNG_Text3.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	5 KB 5 KB	38ms 37ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text3.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash e2b9941b3f3741317072acd04e6f9c649aea93f5e26c9b5fe7afd8b67819cdfc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5011 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text4.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	2 KB 2 KB	57ms 55ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text4.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash e95b21609d408c58a6ff1503409dbbd5bdd159bd7f1c370b429b3fa1f78e0fa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1627 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text5.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	7 KB 7 KB	56ms 54ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text5.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 9bfdf92a0928a0e0ce3d87050c61b66a7060c3d481c459c54c5bbb60ac5ab655 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7415 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text6.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	4 KB 4 KB	58ms 55ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text6.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 0edb256f986511d22dd839f89adbab3464bc39435cba92ba1e7351e1daeb31be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3862 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text7.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	4 KB 4 KB	54ms 52ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text7.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 112e7b7a2782e2669bd126d87a4d63519fd80915d3dbeaef2a723084afa9e120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4131 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text8.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	2 KB 2 KB	52ms 51ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text8.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 3320c4c065e3f1229141d99879db05b1b92b51a7e149eb72d2005cbb8acbfabe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2265 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text9.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	5 KB 5 KB	53ms 51ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text9.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 7e0103c2136941aa5c8d481a8ad058e8b09abcdcc0e313b5d21cef52e966ee56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5024 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	PNG_Text10.png s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	2 KB 2 KB	51ms 50ms	Image image/png	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/PNG_Text10.png Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 10e587f7024fe9a74d292026b6e6fea30f5b3eab99a5e83645be80a576607247 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2515 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	JPG_Image2.jpg s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	24 KB 24 KB	47ms 45ms	Image image/jpeg	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/JPG_Image2.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 008503ae52f3576c63bb0d8d5789451a601c2f764ff41bc3052d0741be23a3d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24541 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	JPG_Image3.jpg s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	21 KB 21 KB	38ms 37ms	Image image/jpeg	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/JPG_Image3.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash 6c04b4a7b60a61eddeff07a90b0e4dee177923c37b19e7eab7dd2a3fd67a455f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21708 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	JPG_Image4.jpg s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	25 KB 25 KB	42ms 41ms	Image image/jpeg	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/JPG_Image4.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash db3d6e20156b2dde5663dea2a53ad726db011b5671a4257dd11ab9d364d5ea0b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25197 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H3	200	JPG_Image5.jpg s0.2mdn.net/sadbundle/9739122585306439781/ Frame 5A78	39 KB 39 KB	57ms 55ms	Image image/jpeg	142.251.179.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/9739122585306439781/JPG_Image5.jpg Requested by Host: adcity.ru URL: http://adcity.ru/?sort=rising Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f149.1e100.net Software sffe / Resource Hash a47b9c4bd27c9b96bd3006c1b3526adc90dd4af1a242699ffd15e9714ffd0302 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/9739122585306439781/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 14:39:03 GMT x-content-type-options nosniff age 536197 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39530 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:06:45 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 19 Nov 2024 14:39:03 GMT
GET H2	200	1 Show response mc.yandex.com/watch/10652806/ Redirect Chain https://mc.yandex.com/watch/10652806?wmode=7&page-url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3gptgfdbjvkqy3th3k5nmv17%3Afp%3A264%3Afu%3A0%3Ae... https://mc.yandex.com/watch/10652806/1?wmode=7&page-url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3gptgfdbjvkqy3th3k5nmv17%3Afp%3A264%3Afu%3A0%3...	471 B 606 B	157ms 157ms	Fetch application/json	77.88.21.119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/10652806/1?wmode=7&page-url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3gptgfdbjvkqy3th3k5nmv17%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A306967938810%3Ahid%3A803994826%3Az%3A-480%3Ai%3A20231126113540%3Aet%3A1701027340%3Ac%3A1%3Arn%3A863598430%3Arqn%3A1%3Au%3A1701027340341853637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A2%2C18%2C23%2C20%2C0%2C0%2C%2C527%2C8%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1701027337558%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701027340%3At%3ARising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29 Protocol H2 Server 77.88.21.119 , Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS mc.yandex.ru Software / Resource Hash bc70c6f7ec5b663081a2d4dcf1fcae6ce46a343121bd1e2436637c6504338d39 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 26-Nov-2023 19:35:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin http://adcity.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 471 x-xss-protection 1; mode=block expires Sun, 26-Nov-2023 19:35:40 GMT Redirect headers pragma no-cache date Sun, 26 Nov 2023 19:35:40 GMT strict-transport-security max-age=31536000 last-modified Sun, 26-Nov-2023 19:35:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/10652806/1?wmode=7&page-url=http%3A%2F%2Fadcity.ru%2F%3Fsort%3Drising&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3gptgfdbjvkqy3th3k5nmv17%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A306967938810%3Ahid%3A803994826%3Az%3A-480%3Ai%3A20231126113540%3Aet%3A1701027340%3Ac%3A1%3Arn%3A863598430%3Arqn%3A1%3Au%3A1701027340341853637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A2%2C18%2C23%2C20%2C0%2C0%2C%2C527%2C8%2C%2C%2C%2C591%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1701027337558%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701027340%3At%3ARising%20Periscope%2C%20YouNow%2C%20and%20etc.%20live%20streams%20on%20LiveOMG.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29 access-control-allow-origin http://adcity.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Sun, 26-Nov-2023 19:35:40 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	122ms 56ms	XHR application/json	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash 0b30a9e1d7a2a83405aab38c0738a5b5a2436cdbef93b787b5297b5cd671df92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12337 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	36ms 36ms	Script text/javascript	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 26 Nov 2023 19:35:40 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A4B	13 KB 5 KB	35ms 33ms	Document text/html	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 312285 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 23 Nov 2023 04:50:55 GMT expires Fri, 22 Nov 2024 04:50:55 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A50A	829 B 1 KB	117ms 49ms	Document text/html	172.253.63.103 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.103 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f103.1e100.net Software GSE / Resource Hash 508fb772ae40d02ef27d9844e6605009cc50b62f094ee113fd4a2c961a7742e3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eAM30252BMvXDtX1PTLgIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-eAM30252BMvXDtX1PTLgIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 26 Nov 2023 19:35:40 GMT expires Sun, 26 Nov 2023 19:35:40 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame 4A4B	39 KB 15 KB	34ms 34ms	Script text/javascript	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 14:24:58 GMT content-encoding br x-content-type-options nosniff age 18642 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 25 Nov 2024 14:24:58 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame A50A	0 0	59ms 59ms	Image text/html	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2346674073235954&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 4A4B	0 10 B	32ms 32ms	Image text/plain	142.251.163.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?t8-Pqg Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 26 Nov 2023 19:35:40 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame CFA9	42 B 64 B	59ms 58ms	Fetch image/gif	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv493bet-Tx1XD9O2yxB4sdhp9NAivCii5OokLm0uqwTbuM_QBwowkhFigKVfDXsXeU31e7KIGZx3FEn_NTp-GTO0SdX-z_zLIyPjHiZai7JOVPSg5FiRd5kR1MWGdgefAE4wZm3pmGBA&sai=AMfl-YRmug0YkqT9yf6dqotO8qVNY04cLPn6eigtXDAU-P8dRiVncP6aUpbTwEbdL88SdjXb5BoJJSnNAD3qCXj-dLafO94U56Mo_U60Y2HhjpDdTUZBhkCoavC8TRAN7waEThIepkOk-65fQt-18tAbsA&sig=Cg0ArKJSzOsFHdpTQRn5EAE&cid=CAQSTwDICaaNqXXNKr46mFnLipVEE5U949sbe0_7c6Wst__xEQUUapxNBXZNkEvyNoAt70rU4oLGGcnNUrDOmF5P_ufJAiarqJuC41_9PRYz-8MYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1628790265&rs=2&la=0&cr=0&vs=4&r=v&rst=1701027339277&rpt=808&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sun, 26 Nov 2023 19:35:41 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	60ms 59ms	Image text/html	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2346674073235954&bg=!wsGlwY7NAAZxrfrxUa07ADQBe5WfOBwAd5lPHFkjJbKyGWL2UPa1cQFAXaqsgurpRELQPskymxc_oZqMY1aSc9uZ5DfeAgAAAE9SAAAAAmgBB5kCn3zldDjL21wAOA-qDf0rBYXRyZ5fGk4nwEYtXivakpj7fnBTanRSdTnwvyGTDH-VteXalDI-qPfQ8v4sHdzwS1YtD9snW1a2BSC-sxsG1wax7rsynvx3PZnyeeQgW7wxkRFBPwAVKVgnyPG0YfRGaTUvEBfV3IedlIr3Qt07rM7MRqWqvbzZp7IUpO6Um6hT3W3QRkogjaAdOmsooH7qHji9arkhIcPD6WY2tCLkPsCSC1N2uGbtR-c_A_7FzQ9IaK9Kd2kWzdBtL5E3gjZbzTSXxAcy9hywnTCCfZOvYSNpG9TQpsXRu9Mb3OAt2_G_KiLSU2O3nA3vEdgLlYrgb-f6v9iAo35CLzvSHW1riQdB0PQaPYWLPtNKscE8BFtZw2--f6bQCXOZZzy_I8d_2sUgocKv-mYNsIV_ghRcuTkLLBa0AIZ8zv95iyUoSkLfwXk78ZBw1q5rfkrufVilTd2J7Vdcm5o4Mhx8hxAazS061v8YjqAnwxRzHRZ2gw3Nigyiccfms66W8QOabpIjZvYch25GqbL66ECEwA2whu95Dox49qVy10e-oJ_qch4JqzAD15FQx33zCPcB9FS3soGGPnx_SKGtoGK6NIqfH02HiRiPPNo-2XEQArPE1L6cAVF58ct9TaIGnLaOdDbuPybl0v9XLtg93BR7z_3km3bvy6vSnG-FXHC2c3Fps3t90q_2niqrVFnrlRq-DplkPm3vq5gL9rYvZ4EY963ZQK6_EFBfqr3ONdk8e7zl-3VPIbU4LMS1GEHiVjF0V-pHavxC_A3MGoYCWHQbK4VLPeK6Xhep1lvCZuVqseriLGb7Mhitbkd5-vOWQK4aWx9ao3T15DJuPBQCZigHFJrwpG8tCsBHOA1v_Mj9i7hcvuPc Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
POST H2	200	all csm.us.criteo.net/ Frame E154	0 127 B	34ms 33ms	Ping text/plain	74.119.119.149 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://csm.us.criteo.net/all?cppv=3&cpp=_m_BVQj6aJKO3VakjNHobec52umAIH20QcjF6f1FusM6qYCBOLAHR6xI4yphoEwcISZIjFiL0CW9d4bAzabMmub6Dn3Zsil7KdZRmkjOrRlBC-kvu9ue3sGBRObJApGetqS29eAWSrObCfa4XoOVKPNxv3hOE4rQbecG5Onsq1i6vWwZbCOE2SgOFOmLuE7zP4jJ1RX5gpH5YWD_Y7KK93H7wITDMMwnkkMzZraCJQIUG6pG1HiGsYgJe8Gg9ct10iO4vw&sds=2&rev=89278&sendBeacon=true Requested by Host: ads.us.criteo.com URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWOeCwAFJpkIuM5FAAx29Ui5SxufintDUwRcQw&u=%7C%2BbosL%2F19v9ka1mRhJzFYG7xQwOBnRx6thuQmGN9ADl0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE6LvhJEVfnpona7yZr6CGip8a0O0VRnOfDVSJxtXdF-L5QuJWLnTW0YWIlItJFNFdECrF5F6b99n2D0LmthCNwAl4SG9qnJwsb39rVS7wqnzwedtHEnWn_e9-EqU5EqlfdXZ0q87QVnXhl4Jo_Ik0_3-FLh-5Sjn9jo1N_QcBoOUYYlsvafSHG6L5lEaBfF_ULgurBPFQjrNmOFTV1jEyjT89Ap_-DI8HMBuun9_VadnqI3sApDkYSzv-1Bye7mCjsfG1YUrOk7gjPUy1fkuSbbF2eW1IkKgcIfuGx_ioZI2ndiuvNK_fGflFC9B3p-X3XP6S7p91V10_ijcrxAh2uaKx9s22OD-BYKQf5eIAkJM27CfGc74VxRTbOzX9_e7t6wIiFog8NXRXdVYz9tYYO4c4GOC3wjvYEV0N0elTVIQuMsWIeEE6YHnHbv7zOCFhkylU8QcVdOjNoUQh3wqs-jfJTjZa-A5lLeQSKWS-IgX3VhAFjU76FmdPc2gltFbZWBxdE1Mim6_HiYt8BCh4PIksQpFeoACayQOFJd8DnTjGPZ2-arRjfdn9Mc0T2uGhbL6tlH3ts21NAdb0zMo-2JKsC9fXkR2i&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcje_C55jZZnNFMWc4_UP9e2x4A2cge-wXMqmqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTU0MDc4NjE5MzU5ODA2MDXIAQmoAwHIAwKqBL0BT9AY9xQgsihnDEbAxd2K3AFewS5LOmX6bP9zWbExi4vPMn3xYu3meFoPyIVzCIbQLXU075rz530N-3hWU2-uZ0fj0L2X0OMJ4ALDaS2B22qpsMLCnhGOEHIC6VKG0BHcKQlbuM_8STPWq2iYlWAQ5IpAJ13qrdAs22RCyb_cvi6wc8hYxeaxAvJrZSpBf0jmnokgn_zf_OXohAhFx6kU0zIyPe5_odZ_d6LBWssAWqe5xgV4VlQC6TDb9It0gAa06Yut-tiA064BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Lj58amjsnOwrq_65QQ2134KYJIA%26client%3Dca-pub-5407861935980605%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.149 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.us.criteo.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 26 Nov 2023 19:35:41 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0