Submitted URL: http://fermer.blog/
Effective URL: https://fermer.blog/
Submission: On June 18 via manual from RU

Summary

This website contacted 31 IPs in 8 countries across 26 domains to perform 110 HTTP transactions. The main IP is 54.38.155.61, located in France and belongs to OVH, FR. The main domain is fermer.blog.
TLS certificate: Issued by R3 on May 18th 2021. Valid for: 3 months.
This is the only time fermer.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 55 54.38.155.61 16276 (OVH)
4 95.216.65.102 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 7 2a02:6b8:20::215 13238 (YANDEX)
1 88.99.234.26 24940 (HETZNER-AS)
1 2a02:6b8::90 13238 (YANDEX)
1 147.135.189.55 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 80.239.201.35 1299 (TELIANET ...)
1 2a02:6b8::16b 13238 (YANDEX)
2 23.111.200.118 7979 (SERVERS-COM)
2 138.201.65.68 24940 (HETZNER-AS)
2 4 193.232.148.152 48061 (UMA-TECH-AS)
2 185.184.8.65 204995 (RTB-HOUSE...)
2 2a00:1148:db0... 47764 (MAILRU-AS...)
2 135.181.113.13 24940 (HETZNER-AS)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 184.25.115.167 16625 (AKAMAI-AS)
1 2 62.128.97.8 45102 (CNNIC-ALI...)
1 1 184.25.114.68 16625 (AKAMAI-AS)
110 31
Domain Requested by
55 fermer.blog 1 redirects fermer.blog
8 pagead2.googlesyndication.com fermer.blog
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 yastatic.net 1 redirects fermer.blog
yastatic.net
5 mc.yandex.ru 2 redirects fermer.blog
cdn.jsdelivr.net
4 px.adhigh.net 2 redirects fermer.blog
3 adagropro.bid fermer.blog
adagropro.bid
2 best.aliexpress.ru 1 redirects fermer.blog
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com fermer.blog
tpc.googlesyndication.com
2 ssp.bidvol.com yastatic.net
2 ad.mail.ru yastatic.net
2 adfox-c2s-ams.creativecdn.com yastatic.net
2 yhb.p.otm-r.com yastatic.net
2 ads.betweendigital.com yastatic.net
2 mc.webvisor.org 1 redirects fermer.blog
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 login.aliexpress.ru 1 redirects
1 login.aliexpress.com 1 redirects
1 s.click.aliexpress.com 1 redirects
1 www.google.de fermer.blog
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 matchid.adfox.yandex.ru yastatic.net
1 cdn.jsdelivr.net fermer.blog
1 m.mixadvert.com fermer.blog
1 an.yandex.ru fermer.blog
1 ads.digitalcaramel.com fermer.blog
1 www.googletagmanager.com fermer.blog
1 duper8flash.com fermer.blog
1 rbone.link fermer.blog
110 34
Subject Issuer Validity Valid
fermer.blog
R3
2021-05-18 -
2021-08-16
3 months crt.sh
rbone.link
R3
2021-04-23 -
2021-07-22
3 months crt.sh
adagropro.bid
R3
2021-04-23 -
2021-07-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-18 -
2021-08-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.yastatic.net
Yandex CA
2021-03-03 -
2021-09-01
6 months crt.sh
caramel.am
R3
2021-04-25 -
2021-07-24
3 months crt.sh
bs.yandex.ru
Yandex CA
2021-05-31 -
2021-11-29
6 months crt.sh
m.mixadvert.com
R3
2021-05-02 -
2021-07-31
3 months crt.sh
mc.yandex.ru
Yandex CA
2021-02-27 -
2021-08-09
5 months crt.sh
mc.webvisor.com
Yandex CA
2021-03-11 -
2021-09-02
6 months crt.sh
matchid.adfox.yandex.ru
Yandex CA
2021-03-16 -
2021-09-08
6 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2020-11-19 -
2021-12-20
a year crt.sh
*.p.otm-r.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-27 -
2022-02-06
2 years crt.sh
*.ltmse.com
R3
2021-05-21 -
2021-08-19
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018
2020-11-13 -
2021-11-17
a year crt.sh
ssp.bidvol.com
R3
2021-05-02 -
2021-07-31
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
www.google.de
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.aliexpress.com
GlobalSign Organization Validation CA - SHA256 - G2
2021-06-07 -
2022-06-26
a year crt.sh

This page contains 6 frames:

Primary Page: https://fermer.blog/
Frame ID: BFB16BC39D434D1D2FC84C661D281CC4
Requests: 104 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: E818CA2BC03532AEB8464BDFC85D345E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1623990248&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffermer.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623990248135&bpp=4&bdt=509&idt=226&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4694270273135&frm=20&pv=2&ga_vid=391944489.1623990248&ga_sid=1623990248&ga_hid=1593283379&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744439%2C31061218&oid=3&pvsid=2603753061062433&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: 619FECF37AE671A528871715785D86DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: C8702CE2D3B17EDF02F2FB14F06A83BA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0688AC4F05F4DC2403329E488FEDCF76
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
Frame ID: E2A1B533C9A007134A78697F1E617B18
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://fermer.blog/ HTTP 301
    https://fermer.blog/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

110
Requests

100 %
HTTPS

58 %
IPv6

26
Domains

34
Subdomains

31
IPs

8
Countries

2279 kB
Transfer

5891 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fermer.blog/ HTTP 301
    https://fermer.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://an.yandex.ru/system/adfox.js
Request Chain 53
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248
Request Chain 67
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9307.MBjWXqnSkNfoBb9PXghLhMp7lJ5AGQOgb_nf-5qEdzLOOaTR2bFt-5tDO78c9UEQ.uPYcWA7uO6fAD9y2_9nUdqR8uK4%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMyM%2C
Request Chain 71
  • https://px.adhigh.net/rtb/yandex_hb HTTP 307
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
Request Chain 77
  • https://px.adhigh.net/rtb/yandex_hb HTTP 307
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
Request Chain 108
  • https://s.click.aliexpress.com/e/_eKxu1T HTTP 302
  • https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8 HTTP 302
  • https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26aff_fsk%3D_eKxu1T%26aff_platform%3Dportals-tool%26sk%3D_eKxu1T%26aff_trace_key%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26terminal_id%3Da5b7986305f54241bd6239a15fd6e0b8 HTTP 302
  • https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=a5b7986305f54241bd6239a15fd6e0b8&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26aff_fsk%3D_eKxu1T%26aff_platform%3Dportals-tool%26sk%3D_eKxu1T%26aff_trace_key%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26terminal_id%3Da5b7986305f54241bd6239a15fd6e0b8 HTTP 302
  • https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8

110 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fermer.blog/
Redirect Chain
  • http://fermer.blog/
  • https://fermer.blog/
114 KB
22 KB
Document
General
Full URL
https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
5893454222dc0ac541735d7981aa1fedba66e9f46f7efc353099108a31a34606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options deny

Request headers

:method
GET
:authority
fermer.blog
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
cloudflare-nginx
date
Fri, 18 Jun 2021 04:24:07 GMT
content-type
text/html; charset=UTF-8
content-length
21507
set-cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; path=/; secure; HttpOnly L=ru; expires=Sat, 18-Jun-2022 04:24:07 GMT; Max-Age=31536000; path=/ obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; expires=Sun, 18-Jul-2021 04:24:07 GMT; Max-Age=2592000; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
strict-transport-security
max-age=31536000
x-frame-options
deny

Redirect headers

Server
cloudflare-nginx
Date
Fri, 18 Jun 2021 04:24:07 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://fermer.blog/
app.js
fermer.blog/assets/1489be27/build/js/
47 KB
14 KB
Script
General
Full URL
https://fermer.blog/assets/1489be27/build/js/app.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
158cc86064be37e4a3439dbe47d6aff68a473b7cad0c78e6ffaaf31fdc2fc32e

Request headers

:path
/assets/1489be27/build/js/app.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:31 GMT
server
cloudflare-nginx
etag
W/"6074239f-bda8"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
1fffdd54b0939889325579b96e916b02.js
rbone.link/pjs/
37 KB
10 KB
Script
General
Full URL
https://rbone.link/pjs/1fffdd54b0939889325579b96e916b02.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
d429e892190bf733e7114622a740ffb682b653ebad20b57120dd9c3200d5f14b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Fri, 18 Jun 2021 02:02:10 GMT
server
cloudflare-nginx
etag
W/"60cbfea2-935d"
content-type
application/javascript
cache-control
max-age=259200, public, must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
YandexSansText-Regular.woff
fermer.blog/font/
66 KB
67 KB
Font
General
Full URL
https://fermer.blog/font/YandexSansText-Regular.woff
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
997f37ce8fdf9379eb57001260dc5f1f77b90421f655070a14509c5cf7ceea3c

Request headers

sec-fetch-mode
cors
origin
https://fermer.blog
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
:path
/font/YandexSansText-Regular.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://fermer.blog
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
last-modified
Mon, 12 Apr 2021 10:39:24 GMT
server
cloudflare-nginx
etag
"6074235c-10918"
content-type
font/woff
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
67864
expires
Mon, 21 Jun 2021 04:24:07 GMT
67nu.min.js
adagropro.bid/
62 KB
18 KB
Script
General
Full URL
https://adagropro.bid/67nu.min.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
02d7d530148f909cbcd564d11e51e525a5483c2bb96c0824ead3cad80da4fcde

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
server
cloudflare-nginx
duration
268269
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=300
access-control-allow-headers
*
expires
Fri, 18-Jun-2021 07:29:08 EEST
5eda5a6b76d74fed0e13471c
duper8flash.com/j/
73 KB
16 KB
Script
General
Full URL
https://duper8flash.com/j/5eda5a6b76d74fed0e13471c
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ba8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1cc44338355879c2c26b3d8fac9bbae4c4522365cb36476a3b4677aa3dfaad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uhdAanONZ4VeBwOdVIe0XTXBQGfRgysvzuhjP9u4PRvOJmBx488wbCQqjzv0RNpfjeEiuax6IzPw0phfKQrQ4WGEMbXtmu047Y65XUf7bbVr93CPn9bHVNiqhygnJQPhlUMFH2cDcmNW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security
max-age=31536000
cf-ray
6611bf0a5e97d6ed-FRA
vary
Accept-Encoding
cf-request-id
0abef5ba7c0000d6ed2619e000000001
select2.min.css
fermer.blog/assets/98b7cf3f/css/
3 KB
832 B
Stylesheet
General
Full URL
https://fermer.blog/assets/98b7cf3f/css/select2.min.css
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
f912d1c5f1dd5fe68b179605f04f548c0aef4ec5cf4a4774ef29356edc86aec1

Request headers

:path
/assets/98b7cf3f/css/select2.min.css
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:35 GMT
server
cloudflare-nginx
etag
W/"607423a3-aae"
content-type
text/css
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
select2-addl.min.css
fermer.blog/assets/98b7cf3f/css/
880 B
557 B
Stylesheet
General
Full URL
https://fermer.blog/assets/98b7cf3f/css/select2-addl.min.css
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
289ef5fff74b67f8ef5b9f2ed202802678ae3b0d5be43776da56885e29b85acd

Request headers

:path
/assets/98b7cf3f/css/select2-addl.min.css
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:35 GMT
server
cloudflare-nginx
etag
W/"607423a3-370"
content-type
text/css
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
select2-krajee.min.css
fermer.blog/assets/98b7cf3f/css/
17 KB
3 KB
Stylesheet
General
Full URL
https://fermer.blog/assets/98b7cf3f/css/select2-krajee.min.css
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
bb1c48b1682bb5e9020bf9bf3901c86bd42d3195b6226cefd36506f28048e18e

Request headers

:path
/assets/98b7cf3f/css/select2-krajee.min.css
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:35 GMT
server
cloudflare-nginx
etag
W/"607423a3-4512"
content-type
text/css
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
event_all.css
fermer.blog/assets/d7275ed6/css/
576 KB
67 KB
Stylesheet
General
Full URL
https://fermer.blog/assets/d7275ed6/css/event_all.css
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
378d65e3c899cd5bf984d9619597cbbcbc8494b8c3e5e0b46a0fd33dbb5af1d0

Request headers

:path
/assets/d7275ed6/css/event_all.css
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:31 GMT
server
cloudflare-nginx
etag
W/"6074239f-9003f"
content-type
text/css
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
mobiscroll.jquery.min.css
fermer.blog/assets/ae2ad131/css/
627 KB
56 KB
Stylesheet
General
Full URL
https://fermer.blog/assets/ae2ad131/css/mobiscroll.jquery.min.css
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
8564386cca4369e084929dfb0620636d20edf437bbfdc81575c6fd54ef52c28d

Request headers

:path
/assets/ae2ad131/css/mobiscroll.jquery.min.css
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:36 GMT
server
cloudflare-nginx
etag
W/"607423a4-9cbee"
content-type
text/css
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
state.css
fermer.blog/assets/d7275ed6/css/
349 KB
43 KB
Stylesheet
General
Full URL
https://fermer.blog/assets/d7275ed6/css/state.css
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
14072c410ec89a243791f8ba77fe8e561892019b3c3d1fece1c040899ce601bf

Request headers

:path
/assets/d7275ed6/css/state.css
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:31 GMT
server
cloudflare-nginx
etag
W/"6074239f-57476"
content-type
text/css
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
js
www.googletagmanager.com/gtag/
89 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2296780-10
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a372c442ebea763b361e5162586c34ba85e3256cbba806a96681d3b221cc3d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36245
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Jun 2021 04:24:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48867
x-xss-protection
0
server
cafe
etag
2918852401321146490
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Jun 2021 04:24:08 GMT
header-bidding.js
yastatic.net/pcode/adfox/
151 KB
33 KB
Script
General
Full URL
https://yastatic.net/pcode/adfox/header-bidding.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0a6083e0a6436372f3566176aac564fbbc032047d2ef217e8b82e70cb535eaed
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
33401
last-modified
Thu, 17 Jun 2021 13:46:47 GMT
server
nginx/1.17.9
etag
"3f44ae92bed91e17d37f376a4c87a109"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jun 2021 05:22:56 GMT
fermer.blog.js
ads.digitalcaramel.com/js/
3 KB
816 B
Script
General
Full URL
https://ads.digitalcaramel.com/js/fermer.blog.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
digitalcaramel.com
Software
nginx /
Resource Hash
4bb5d4b6b42315f8067cd09f49094deb8bfaa77c39ede7a1e4159874971659bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jun 2021 12:21:31 GMT
server
nginx
etag
W/"60c9eccb-a9e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=15724800; includeSubdomains; preload
expires
Thu, 31 Dec 2037 23:55:55 GMT
adfox.js
an.yandex.ru/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://an.yandex.ru/system/adfox.js
255 KB
67 KB
Script
General
Full URL
https://an.yandex.ru/system/adfox.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
b39292561e944b75c7a3328b05d8b56d7739ae1f59b9eb5d104dabe490ddb68b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
2599319240
x-yandex-req-id
1623990247884495-170892574264298269500179-production-app-host-man-pcode-57
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 18 Jun 2021 05:24:07 GMT

Redirect headers

date
Fri, 18 Jun 2021 04:24:07 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://an.yandex.ru/system/adfox.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
adblock.js
fermer.blog/js/
58 B
287 B
Script
General
Full URL
https://fermer.blog/js/adblock.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
1de19e37d9ee4fab330156570bfa944767f181f5253945790961f2a0a17df53d

Request headers

:path
/js/adblock.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-3a"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
datepicker.min.js
fermer.blog/js/
1 KB
1 KB
Script
General
Full URL
https://fermer.blog/js/datepicker.min.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
d8ff1c4ec7dcf5d1073299e7e03d72a416b99bef68b10d98d058c6637aa4527c

Request headers

:path
/js/datepicker.min.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Tue, 13 Oct 2020 08:41:20 GMT
server
cloudflare-nginx
etag
W/"5f856830-56d"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
youtube1.svg
fermer.blog/images/fermer/social/
723 B
561 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/youtube1.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
b7a21d702ec257ff7a089f80819d4041225470583e48381b08d730012100e4a5

Request headers

:path
/images/fermer/social/youtube1.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-2d3"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
fb.svg
fermer.blog/images/fermer/social/
411 B
471 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/fb.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
795790310dd3d1a10b0da4004302ede969b80a940edbd5ca98c514274e783cfe

Request headers

:path
/images/fermer/social/fb.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-19b"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
telegram.svg
fermer.blog/images/fermer/social/
540 B
545 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/telegram.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
736a55b0f0740265e09dd6655bf0d46a6729726e573c9d9a3bd0830e58c82a08

Request headers

:path
/images/fermer/social/telegram.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-21c"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
inst.svg
fermer.blog/images/fermer/social/
3 KB
1 KB
Image
General
Full URL
https://fermer.blog/images/fermer/social/inst.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
cbaac130e8e1894a7bf0d1ef045e33ed5e42802fc6eeb798b70c9aa41ff1a994

Request headers

:path
/images/fermer/social/inst.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-c92"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
ok.svg
fermer.blog/images/fermer/social/
1 KB
774 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/ok.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
dda77fa1a85122150321a05dec16d560aeba1a36c458be53ae63641184533489

Request headers

:path
/images/fermer/social/ok.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-4dd"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
dzen.svg
fermer.blog/images/fermer/social/
684 B
574 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/dzen.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
f461975e496ead61e69b457728886d368507ed4f929888086ff692298658e657

Request headers

:path
/images/fermer/social/dzen.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-2ac"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
pinterest.svg
fermer.blog/images/fermer/social/
1 KB
869 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/pinterest.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
84a0ac1af28601c44dcdf95a9fcf1e100c5afe04506b122cb15e289638481061

Request headers

:path
/images/fermer/social/pinterest.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-4ed"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
vk.svg
fermer.blog/images/fermer/social/
2 KB
998 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/vk.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
fddc754aa71f746b777a9e5e90581316fa6f615b3e9eafc7ba0ac8fb5d5fccea

Request headers

:path
/images/fermer/social/vk.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-699"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
flipboard.svg
fermer.blog/images/fermer/socials24x24/
297 B
412 B
Image
General
Full URL
https://fermer.blog/images/fermer/socials24x24/flipboard.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
fe9cef577cc33db6ded51ef00be25fcc4de06b38114e67fbe0e9008e152d1618

Request headers

:path
/images/fermer/socials24x24/flipboard.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-129"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
star.svg
fermer.blog/images/fermer/icons24x24/
343 B
436 B
Image
General
Full URL
https://fermer.blog/images/fermer/icons24x24/star.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
6c4fa9f9471c182ce49e6f0b84d401f6daf7c02a64e506d73df26388a934f94a

Request headers

:path
/images/fermer/icons24x24/star.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-157"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
add-to-calendar.svg
fermer.blog/images/event1/
303 B
431 B
Image
General
Full URL
https://fermer.blog/images/event1/add-to-calendar.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
0e4356259cf7e321f995591532d4d1efca9eff6fe9e96e8fe9756aff0e53d377

Request headers

:path
/images/event1/add-to-calendar.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-12f"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
loading.gif
fermer.blog/images/auto/
16 KB
16 KB
Image
General
Full URL
https://fermer.blog/images/auto/loading.gif
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
ed1986f28a8dd0a54419e161cbc44193a19512f5127b0938fb7860f762310981

Request headers

:path
/images/auto/loading.gif
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
"6074235d-3e76"
content-type
image/gif
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
15990
expires
Mon, 21 Jun 2021 04:24:08 GMT
youtubevideo-btn__icon.svg
fermer.blog/images/fermer/youtubepopup/
667 B
570 B
Image
General
Full URL
https://fermer.blog/images/fermer/youtubepopup/youtubevideo-btn__icon.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
ac2f1074e0f95af484fa25ac94cd041e43e3ca2b52be7b856c9e82112790b641

Request headers

:path
/images/fermer/youtubepopup/youtubevideo-btn__icon.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-29b"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
new-logo.png
fermer.blog/images/fermer/
4 KB
5 KB
Image
General
Full URL
https://fermer.blog/images/fermer/new-logo.png
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
7a5ec0f396843996f148f0c33c7678c2481db790d45a977521fcd2b8ec926dfa

Request headers

:path
/images/fermer/new-logo.png
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
"6074235d-1148"
content-type
image/png
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
4424
expires
Mon, 21 Jun 2021 04:24:08 GMT
youtube.svg
fermer.blog/images/fermer/social/
947 B
629 B
Image
General
Full URL
https://fermer.blog/images/fermer/social/youtube.svg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
506e2c3e4d35de9588db5c7198788e3cbb1e856270e548f1a72d0399c14c3bb8

Request headers

:path
/images/fermer/social/youtube.svg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-3b3"
content-type
image/svg+xml
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
jquery.min.js
fermer.blog/assets/5902b29c/
87 KB
30 KB
Script
General
Full URL
https://fermer.blog/assets/5902b29c/jquery.min.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path
/assets/5902b29c/jquery.min.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:31 GMT
server
cloudflare-nginx
etag
W/"6074239f-15d84"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
yii.js
fermer.blog/assets/56ae9659/
20 KB
6 KB
Script
General
Full URL
https://fermer.blog/assets/56ae9659/yii.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

:path
/assets/56ae9659/yii.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:32 GMT
server
cloudflare-nginx
etag
W/"607423a0-51c6"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
select2.full.min.js
fermer.blog/assets/98b7cf3f/js/
73 KB
19 KB
Script
General
Full URL
https://fermer.blog/assets/98b7cf3f/js/select2.full.min.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
15c54892706255193928b41e2016fd55076d15132ac1f7d7c99f83f2ad2042ba

Request headers

:path
/assets/98b7cf3f/js/select2.full.min.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:35 GMT
server
cloudflare-nginx
etag
W/"607423a3-124aa"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
select2-krajee.min.js
fermer.blog/assets/98b7cf3f/js/
3 KB
1 KB
Script
General
Full URL
https://fermer.blog/assets/98b7cf3f/js/select2-krajee.min.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
0b05d38da00b982ff4bce48603f9086260d2fb7fe4beb6a575ac731acded8cc7

Request headers

:path
/assets/98b7cf3f/js/select2-krajee.min.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:07 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:35 GMT
server
cloudflare-nginx
etag
W/"607423a3-bf1"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:07 GMT
jquery.pjax.js
fermer.blog/assets/fa61e387/
29 KB
9 KB
Script
General
Full URL
https://fermer.blog/assets/fa61e387/jquery.pjax.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
49b19211c626af3808cf9a7f2d51dded526414a5f5fe2181633cd7dbe4f070ff

Request headers

:path
/assets/fa61e387/jquery.pjax.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:36 GMT
server
cloudflare-nginx
etag
W/"607423a4-7259"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
/
m.mixadvert.com/show/
3 KB
3 KB
Script
General
Full URL
https://m.mixadvert.com/show/?id=7813
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
8ce7979da54407fc39e698dd0221135b4781952b6c525e94892f063416d725f3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
scroll.js
fermer.blog/assets/ae2ad131/js/
288 KB
89 KB
Script
General
Full URL
https://fermer.blog/assets/ae2ad131/js/scroll.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
dc5c723556281b2c8451c69c53e207e878d86df390e548bd8447660ef5f0266b

Request headers

:path
/assets/ae2ad131/js/scroll.js
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:40:36 GMT
server
cloudflare-nginx
etag
W/"607423a4-47f18"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
login-popup
fermer.blog/ubi/user2/
7 KB
2 KB
Script
General
Full URL
https://fermer.blog/ubi/user2/login-popup?preload=1
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
4672c078b98596a4fda744f12751d6edee5bcce073aa8b491ca84aaa53d6be8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options deny

Request headers

:path
/ubi/user2/login-popup?preload=1
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
vary
Accept-Encoding
server
cloudflare-nginx
x-frame-options
deny
content-type
text/html; charset=UTF-8
set-cookie
L=ru; expires=Sat, 18-Jun-2022 04:24:08 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000
content-length
1837
expires
Fri, 18 Jun 2021 05:24:08 GMT
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/
219 KB
77 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
463e82928f67dc09955d633150e436bf026ab6df99c21f25c4552cecf68176a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
23285
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abef5ba6300004aaff70ed000000001
x-served-by
cache-fra19179-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"36b8f-F/1WhPP6O6j7eOu8y9brkoJHvMU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6611bf0a3e634aaf-FRA
aa5674ac5201d549ef10.js
yastatic.net/partner-code-bundles/15075/
78 KB
17 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/15075/aa5674ac5201d549ef10.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
1927b6750875c9a99ec192519d682e9c54721d9333a661f3b05b8380d0533914
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://fermer.blog
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17064
last-modified
Wed, 16 Jun 2021 16:51:27 GMT
server
nginx/1.17.9
etag
"8a689b646d9a642fbe14698d68692cb0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2051 10:58:21 GMT
host.js
yastatic.net/safeframe-bundles/0.80/
29 KB
8 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.80/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://fermer.blog
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8120
last-modified
Wed, 13 Jan 2021 14:53:48 GMT
server
nginx/1.17.9
etag
"7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2051 10:56:59 GMT
3b38035a3b53eff806a6.js
yastatic.net/partner-code-bundles/15075/
12 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/15075/3b38035a3b53eff806a6.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a86d297bdcc1a745dc5d2269ac19be309930d0ba1782017dc5d10d9069697441
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://fermer.blog
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4207
last-modified
Wed, 16 Jun 2021 16:51:27 GMT
server
nginx/1.17.9
etag
"259f2f9b0188e95d03d13fdbc555a28f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2051 10:55:37 GMT
4e54d16adf9ff7474572.js
yastatic.net/partner-code-bundles/15075/
501 KB
106 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/15075/4e54d16adf9ff7474572.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
427f3a21ecdc1d620d62cfeaae30cdbd2a1b835aa335f06f5d25d8bc316cfba0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://fermer.blog
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
107487
last-modified
Wed, 16 Jun 2021 16:51:27 GMT
server
nginx/1.17.9
etag
"790098d20deed3476438855dff82731c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2051 10:55:37 GMT
24b0216eb9b9e1f57576.js
yastatic.net/partner-code-bundles/15075/
338 KB
62 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/15075/24b0216eb9b9e1f57576.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
bbc69adf79c29b029358be3e0a0458597df4ea33ebe4f097355ad26d9a9ee350
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://fermer.blog
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
62514
last-modified
Wed, 16 Jun 2021 16:51:27 GMT
server
nginx/1.17.9
etag
"7ccd5cd019f0f5b4cff232e88617322d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Jun 2051 10:55:40 GMT
site-logo49.png
fermer.blog/images/fermer/
5 KB
5 KB
Image
General
Full URL
https://fermer.blog/images/fermer/site-logo49.png
Requested by
Host: fermer.blog
URL: https://fermer.blog/assets/d7275ed6/css/state.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
b19161b3bab59d5ef83007594ae056ecb4812458dccb41da9bc9bcfa2a5e3259

Request headers

:path
/images/fermer/site-logo49.png
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/assets/d7275ed6/css/state.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/assets/d7275ed6/css/state.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
"6074235d-1241"
content-type
image/png
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
4673
expires
Mon, 21 Jun 2021 04:24:08 GMT
loading.gif
fermer.blog/images/fermer/
16 KB
16 KB
Image
General
Full URL
https://fermer.blog/images/fermer/loading.gif
Requested by
Host: fermer.blog
URL: https://fermer.blog/assets/d7275ed6/css/state.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
ed1986f28a8dd0a54419e161cbc44193a19512f5127b0938fb7860f762310981

Request headers

:path
/images/fermer/loading.gif
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/assets/d7275ed6/css/state.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/assets/d7275ed6/css/state.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
"6074235d-3e76"
content-type
image/gif
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
15990
expires
Mon, 21 Jun 2021 04:24:08 GMT
post-slider-arrow.png
fermer.blog/images/fermer/
1 KB
1 KB
Image
General
Full URL
https://fermer.blog/images/fermer/post-slider-arrow.png
Requested by
Host: fermer.blog
URL: https://fermer.blog/assets/d7275ed6/css/state.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
a3483cab20283886050244fd10ef25b130face8457f2c0e68471daf71c53ae88

Request headers

:path
/images/fermer/post-slider-arrow.png
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/assets/d7275ed6/css/state.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/assets/d7275ed6/css/state.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
"6074235d-43d"
content-type
image/png
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
1085
expires
Mon, 21 Jun 2021 04:24:08 GMT
/
fermer.blog/
64 KB
64 KB
Image
General
Full URL
https://fermer.blog/
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options deny

Request headers

:path
/
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
vary
Accept-Encoding
server
cloudflare-nginx
x-frame-options
deny
content-type
text/html; charset=UTF-8
set-cookie
L=ru; expires=Sat, 18-Jun-2022 04:24:08 GMT; Max-Age=31536000; path=/ obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; expires=Sun, 18-Jul-2021 04:24:08 GMT; Max-Age=2592000; path=/
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
content-length
21507
expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/
233 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88106
x-xss-protection
0
server
cafe
etag
14514754445097133811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Jun 2021 04:24:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame E818
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210616/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fermer.blog/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fermer.blog/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 17 Jun 2021 19:02:37 GMT
expires
Thu, 01 Jul 2021 19:02:37 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
33691
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
35 B
69 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 18-Jun-2021 04:24:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fermer.blog
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Fri, 18-Jun-2021 04:24:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Fri, 18-Jun-2021 04:24:08 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248
strict-transport-security
max-age=31536000
access-control-allow-origin
https://fermer.blog
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 18-Jun-2021 04:24:08 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
174 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Thu, 17 Jun 2021 09:26:05 GMT
etag
"60bf3bc8-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 18 Jun 2021 05:24:08 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2296780-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5131
date
Fri, 18 Jun 2021 02:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 18 Jun 2021 04:58:37 GMT
204797.qrac8c.1250x540.webp
fermer.blog/media/res/2/0/4/7/9/7/
68 KB
68 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/4/7/9/7/204797.qrac8c.1250x540.webp
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
83fbe5736b4e922e710f59f517ace260c1b5b7556778942d9b4d153d4d3d0060

Request headers

:path
/media/res/2/0/4/7/9/7/204797.qrac8c.1250x540.webp
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 13:04:50 GMT
server
cloudflare-nginx
etag
"60744572-1100e"
content-type
image/webp
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
69646
expires
Mon, 21 Jun 2021 04:24:08 GMT
204700.qpyytc.910x830.webp
fermer.blog/media/res/2/0/4/7/0/0/
66 KB
66 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/4/7/0/0/204700.qpyytc.910x830.webp
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
22e075aeb3b00f19cf6e8aacd991bed21a95ed40ade9e109d93efeb2f1f2fc4d

Request headers

:path
/media/res/2/0/4/7/0/0/204700.qpyytc.910x830.webp
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 12 Apr 2021 13:04:50 GMT
server
cloudflare-nginx
etag
"60744572-108d0"
content-type
image/webp
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
67792
expires
Mon, 21 Jun 2021 04:24:08 GMT
205117.qur570.700x575.jpg
fermer.blog/media/res/2/0/5/1/1/7/
86 KB
87 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/1/7/205117.qur570.700x575.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
0692210a571f4e87860d81e09e098a26f8818432a160b55bee01c82725cfa924

Request headers

:path
/media/res/2/0/5/1/1/7/205117.qur570.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Thu, 17 Jun 2021 06:02:34 GMT
server
cloudflare-nginx
etag
"60cae57a-158d7"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
88279
expires
Mon, 21 Jun 2021 04:24:08 GMT
205114.quqouo.700x575.jpg
fermer.blog/media/res/2/0/5/1/1/4/
49 KB
49 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/1/4/205114.quqouo.700x575.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
311acc0092839f7e1076f02f61360421eda5d305b0c9f2195804b62570822331

Request headers

:path
/media/res/2/0/5/1/1/4/205114.quqouo.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Wed, 16 Jun 2021 06:03:31 GMT
server
cloudflare-nginx
etag
"60c99433-c2ee"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
49902
expires
Mon, 21 Jun 2021 04:24:08 GMT
205108.quov2c.700x575.jpg
fermer.blog/media/res/2/0/5/1/0/8/
79 KB
79 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/0/8/205108.quov2c.700x575.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
00d3218f520e042cfd3ae56059fe80bb508ed9a53c5efa2bee30bcc86e102ebb

Request headers

:path
/media/res/2/0/5/1/0/8/205108.quov2c.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Tue, 15 Jun 2021 06:00:31 GMT
server
cloudflare-nginx
etag
"60c841ff-13c6a"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
81002
expires
Mon, 21 Jun 2021 04:24:08 GMT
73774.pr3dh0.430.jpg
fermer.blog/media/res/7/3/7/7/4/
59 KB
59 KB
Image
General
Full URL
https://fermer.blog/media/res/7/3/7/7/4/73774.pr3dh0.430.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
2ffeaaeada2a16cdbf324b8e14de95944fa3f4bdeaf266400ec6d4f556c4f176

Request headers

:path
/media/res/7/3/7/7/4/73774.pr3dh0.430.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Tue, 07 May 2019 11:58:48 GMT
server
cloudflare-nginx
etag
"5cd172f8-ea0d"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
59917
expires
Mon, 21 Jun 2021 04:24:08 GMT
62827.ppn8uo.430.jpg
fermer.blog/media/res/6/2/8/2/7/
55 KB
55 KB
Image
General
Full URL
https://fermer.blog/media/res/6/2/8/2/7/62827.ppn8uo.430.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
8e913dfadd09d7ae8579a7a67a2c198c76ba617611ec87353702d47deac58a40

Request headers

:path
/media/res/6/2/8/2/7/62827.ppn8uo.430.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 08 Apr 2019 15:33:52 GMT
server
cloudflare-nginx
etag
"5cab69e0-dc8f"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
56463
expires
Mon, 21 Jun 2021 04:24:08 GMT
51288.pnl830.430.jpg
fermer.blog/media/res/5/1/2/8/8/
74 KB
74 KB
Image
General
Full URL
https://fermer.blog/media/res/5/1/2/8/8/51288.pnl830.430.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
0f0f0252af40031c16b425f1dc533b4d92631f4f8844151f7d3beb4adc5f78bf

Request headers

:path
/media/res/5/1/2/8/8/51288.pnl830.430.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Wed, 27 Feb 2019 15:16:23 GMT
server
cloudflare-nginx
etag
"5c76a9c7-12897"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
75927
expires
Mon, 21 Jun 2021 04:24:08 GMT
42906.plj9mo.430.jpg
fermer.blog/media/res/4/2/9/0/6/
64 KB
64 KB
Image
General
Full URL
https://fermer.blog/media/res/4/2/9/0/6/42906.plj9mo.430.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
9059e7d0105db67bd3e96561b177a58461422dd06d25bebdbbf1805fa31f6c17

Request headers

:path
/media/res/4/2/9/0/6/42906.plj9mo.430.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Fri, 18 Jan 2019 15:42:03 GMT
server
cloudflare-nginx
etag
"5c41f3cb-fe21"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
65057
expires
Mon, 21 Jun 2021 04:24:08 GMT
205121.quu7so.700x575.jpg
fermer.blog/media/res/2/0/5/1/2/1/
90 KB
90 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/2/1/205121.quu7so.700x575.jpg
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
b15e9d1dedd89275d00472ade8812ea2be5331a10b205cac3285a87e019e0a20

Request headers

:path
/media/res/2/0/5/1/2/1/205121.quu7so.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Thu, 17 Jun 2021 08:44:05 GMT
server
cloudflare-nginx
etag
"60cb0b55-166c5"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
91845
expires
Mon, 21 Jun 2021 04:24:08 GMT
date_time.jsonp.js
fermer.blog/js/
3 KB
1 KB
Script
General
Full URL
https://fermer.blog/js/date_time.jsonp.js?callback=date_time
Requested by
Host: fermer.blog
URL: https://fermer.blog/assets/ae2ad131/js/scroll.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
bf85e0163e0ba6f5491d12d76c457bf1ed4ab4bf303ee0a0109cf62560540164

Request headers

:path
/js/date_time.jsonp.js?callback=date_time
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
last-modified
Mon, 12 Apr 2021 10:39:25 GMT
server
cloudflare-nginx
etag
W/"6074235d-c8e"
content-type
application/javascript
cache-control
max-age=259200 public must_revalidate
expires
Mon, 21 Jun 2021 04:24:08 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9307.MBjWXqnSkNfoBb9PXghLhMp7lJ5AGQOgb_nf-5qEdzLOOaTR2bFt-5tDO78c9UEQ.uPYcWA7uO6fAD9y2_9nUdqR8uK4%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMy...
43 B
359 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMyM%2C
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.239.201.35 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
80-239-201-35.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMyM%2C
date
Fri, 18 Jun 2021 04:24:08 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
getcookie
matchid.adfox.yandex.ru/
88 B
272 B
XHR
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6f25a539b2e408b79d5f3bc4b1132c0a8f921151e591638c3b1b2d8bea84ca64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fermer.blog
date
Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
88
x-content-type-options
nosniff
content-type
application/json
adjson
ads.betweendigital.com/
11 B
921 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fermer.blog
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
yhb
yhb.p.otm-r.com/
11 B
238 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fermer.blog
date
Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials
true
server
nginx/1.17.4
content-length
11
content-type
text/plain; charset=utf-8
yandex_hb
px.adhigh.net/rtb/
Redirect Chain
  • https://px.adhigh.net/rtb/yandex_hb
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
11 B
315 B
XHR
General
Full URL
https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.152 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
hosting.adhigh.net
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx
x-backend-id
f13-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://fermer.blog
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
11
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx
access-control-allow-origin
https://fermer.blog
x-backend-id
f13-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
205 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fermer.blog
date
Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
/
ad.mail.ru/hbid_yandex/
11 B
334 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Jun 2021 04:24:08 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://fermer.blog
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
pl999
ssp.bidvol.com/rtb/
11 B
441 B
XHR
General
Full URL
https://ssp.bidvol.com/rtb/pl999
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.181.113.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.113.181.135.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx/1.14.0 (Ubuntu)
surrogate-control
no-store
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fermer.blog
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
11
expires
0
adjson
ads.betweendigital.com/
11 B
921 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fermer.blog
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
yhb
yhb.p.otm-r.com/
11 B
237 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.65.201.138.clients.your-server.de
Software
nginx/1.17.4 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fermer.blog
date
Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials
true
server
nginx/1.17.4
content-length
11
content-type
text/plain; charset=utf-8
yandex_hb
px.adhigh.net/rtb/
Redirect Chain
  • https://px.adhigh.net/rtb/yandex_hb
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
11 B
315 B
XHR
General
Full URL
https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.148.152 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
hosting.adhigh.net
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx
x-backend-id
f13-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://fermer.blog
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
11
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx
access-control-allow-origin
https://fermer.blog
x-backend-id
f13-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
205 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fermer.blog
date
Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
/
ad.mail.ru/hbid_yandex/
11 B
334 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 18 Jun 2021 04:24:08 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://fermer.blog
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
pl999
ssp.bidvol.com/rtb/
11 B
442 B
XHR
General
Full URL
https://ssp.bidvol.com/rtb/pl999
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.181.113.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.113.181.135.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
server
nginx/1.14.0 (Ubuntu)
surrogate-control
no-store
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fermer.blog
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
11
expires
0
cookie.js
partner.googleadservices.com/gampad/
201 B
257 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fermer.blog&callback=_gfp_s_&client=ca-pub-4894759983606832
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2747dedd021734ef3bb348d81814f853d4ffadeb55c007a4efbefd3cedd1f057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffermer.blog%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fermer.blog
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fermer.blog
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 619F
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1623990248&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffermer.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623990248135&bpp=4&bdt=509&idt=226&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4694270273135&frm=20&pv=2&ga_vid=391944489.1623990248&ga_sid=1623990248&ga_hid=1593283379&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744439%2C31061218&oid=3&pvsid=2603753061062433&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1623990248&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffermer.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623990248135&bpp=4&bdt=509&idt=226&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4694270273135&frm=20&pv=2&ga_vid=391944489.1623990248&ga_sid=1623990248&ga_hid=1593283379&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744439%2C31061218&oid=3&pvsid=2603753061062433&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fermer.blog/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fermer.blog/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 18 Jun 2021 04:24:08 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 04:39:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842926269324"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28241
x-xss-protection
0
expires
Fri, 18 Jun 2021 04:24:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-4894759983606832&c=19&e=2570847921467975139&n=0&t=0&w=813&x=5
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
67nu.json
adagropro.bid/
48 B
226 B
XHR
General
Full URL
https://adagropro.bid/67nu.json?stat=%5B%7B%22t%22%3A%22start%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A395%7D%5D&url=&v=2.2.3-767d805&r=8vvletbmyg&referrer=
Requested by
Host: adagropro.bid
URL: https://adagropro.bid/67nu.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
343f53581da223d0b17b2768ddeb95650292e130ba858f06974b5fa4bb7f6681

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
server
cloudflare-nginx
access-control-allow-headers
*
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1593283379&t=pageview&_s=1&dl=https%3A%2F%2Ffermer.blog%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B5%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%7C%20Fermer.blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=275108081&gjid=2010580690&cid=391944489.1623990248&tid=UA-2296780-10&_gid=104431569.1623990248&_r=1&gtm=2ou6g0&z=15581331
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fermer.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2296780-10&cid=391944489.1623990248&jid=275108081&gjid=2010580690&_gid=104431569.1623990248&_u=YAhAAUAAAAAAAC~&z=1880433198
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 18 Jun 2021 04:24:08 GMT
content-type
text/plain
access-control-allow-origin
https://fermer.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=fermer.blog&host=fermer.blog&success=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2296780-10&cid=391944489.1623990248&jid=275108081&_u=YAhAAUAAAAAAAC~&z=1119795082
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2296780-10&cid=391944489.1623990248&jid=275108081&_u=YAhAAUAAAAAAAC~&z=1119795082
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
67nu.json
adagropro.bid/
48 B
225 B
XHR
General
Full URL
https://adagropro.bid/67nu.json?stat=%5B%7B%22t%22%3A%22loaded%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A1157%7D%5D&url=https%3A%2F%2Ffermer.blog%2F&v=2.2.3-767d805&r=8vvletbmyg&referrer=http%3A%2F%2Fno.domain%2F
Requested by
Host: adagropro.bid
URL: https://adagropro.bid/67nu.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
c4228739949677944fab2a8736d6e7d7eba90673a18f091d27e6901855419f02

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
server
cloudflare-nginx
access-control-allow-headers
*
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fa967418c5b9209d9c8e5ebd5e07d54034ac9e01579d77dffb5833d3c03e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8387
x-xss-protection
0
49991848
mc.yandex.ru/watch/
238 B
273 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49991848?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A982324758208%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A964802227%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623990249%3At%3A%D0%A1%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B5%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%7C%20Fermer.blog
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5521308e79373d3f056261ba0bcc37ffac51c0cf0d81d98f1a631820358b7af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 18-Jun-2021 04:24:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fermer.blog
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
238
x-xss-protection
1; mode=block
expires
Fri, 18-Jun-2021 04:24:08 GMT
205105.quoup0.700x575.jpg
fermer.blog/media/res/2/0/5/1/0/5/
50 KB
50 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/0/5/205105.quoup0.700x575.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
3624c823cee591910a981d13ab59ad210f4f3bb297ab400fb727d77a38f49971

Request headers

:path
/media/res/2/0/5/1/0/5/205105.quoup0.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Mon, 14 Jun 2021 11:17:43 GMT
server
cloudflare-nginx
etag
"60c73ad7-c64a"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
50762
expires
Mon, 21 Jun 2021 04:24:08 GMT
205100.quj6cc.700x575.jpg
fermer.blog/media/res/2/0/5/1/0/0/
59 KB
59 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/0/0/205100.quj6cc.700x575.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
b5de2562c24841d2187c9b9c6453d8362291490e92535843bf2de531b98d5958

Request headers

:path
/media/res/2/0/5/1/0/0/205100.quj6cc.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Sun, 13 Jun 2021 06:10:29 GMT
server
cloudflare-nginx
etag
"60c5a155-eb03"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
60163
expires
Mon, 21 Jun 2021 04:24:08 GMT
205123.quu810.700x575.jpg
fermer.blog/media/res/2/0/5/1/2/3/
79 KB
79 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/1/2/3/205123.quu810.700x575.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
7bb2fd1c2626dca108974c45f1ae5135b6ce3352045dcf194883e533b51ba4bd

Request headers

:path
/media/res/2/0/5/1/2/3/205123.quu810.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
last-modified
Thu, 17 Jun 2021 08:44:05 GMT
server
cloudflare-nginx
etag
"60cb0b55-13bc1"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
80833
expires
Mon, 21 Jun 2021 04:24:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 18 Jun 2021 04:24:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame C870
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fermer.blog/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fermer.blog/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 17 Jun 2021 23:05:43 GMT
expires
Fri, 17 Jun 2022 23:05:43 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
19105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0688
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
df898e8c5b92596ba625e32ab97892cef1b63d2c975ede8a3b032b5d140dce05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YoqWqgacbY7Qq9BruBn+xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fermer.blog/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fermer.blog/

Response headers

expires
Fri, 18 Jun 2021 04:24:08 GMT
date
Fri, 18 Jun 2021 04:24:08 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-YoqWqgacbY7Qq9BruBn+xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame C870
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 19:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
30746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 19:51:42 GMT
youtube-video-id-ajax
fermer.blog/site/
41 B
331 B
XHR
General
Full URL
https://fermer.blog/site/youtube-video-id-ajax
Requested by
Host: fermer.blog
URL: https://fermer.blog/assets/5902b29c/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
bc80fda15b4d5faf768f2b1e35a63d7324d87d087c03f0fba57369d329a068ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options deny

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
:path
/site/youtube-video-id-ajax
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://fermer.blog/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
content-encoding
br
server
cloudflare-nginx
x-frame-options
deny
content-type
text/html; charset=UTF-8
set-cookie
L=ru; expires=Sat, 18-Jun-2022 04:24:08 GMT; Max-Age=31536000; path=/
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
expires
Thu, 19 Nov 1981 08:52:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=2603753061062433&bg=!4eKl4qbNAAZktE7iZLQ7ACkAdvg8WgXgrhlQ2gaMKgwbcNdGH0x6-wub-D2pUUwBbUZ6FeJ7Smc7CwIAAABfUgAAAApoAQeZAoFTyvvxyrCAuaeBTy5jh784fXDrnVKVusJXisWQ80ETCWidDJmnE4CPEj_Y0MXbXWtF7CasXhwzd6FeNqCvFy7GRQHjrq09Up-F4JkX9vEGy2K0qQKGWQapiyieTRV391uoVDX6_KExRqQrhRqQtATClpBZQsPbIxI_q2onrvzahi7-G6aaDgNpZRRRaRrG4IflpRzlvvbruUikR-kxIJId8DaEEmcSPiPk99T3m3pbPIrq7CtyhgkGazkJ53q5-RPW5EA2oxP8Hdh0OxZnRLFV1i4fTOTzxoYK8n9DDGedxi29N84sZn3o5vlPNkRTnz9mbOoJk6h6lkdLP3zDZLqdh5VVBaGQwfwN4m8N0qAVb0Jaotn6RSO63uljpJAVGOFzCFQLyVDTiKXlLO8XRT4i3GfHMrgAclwvHC41fLyanaNoPED45eFvQCtE7Amk10hLoEJm08pLnD-ByHYfnOjHZyAabCBp8ZBJnxxDqq_I8VtwOA5G0B7D7yy3uEPZ5EiqygRnEzeZF6vBoq6f5oqxNR93oT_rAzn1VWj3HbyOgzwMZJScXr5KqbYPC5Q6-mbTER5qKXY5Qz8mVaUJHZDXHbyfTmp2hw2ZHAHeAxwZpk_CWVJY2SmHPfjvB7j7BQW85KiA68buE0gCT6CtD2mvKsQkGmDermp8ipNYoClYcLepYlwkZz76Q_f4jjw4p3xUTBBX71-dmSKadg9Ff8JjQv2Sc6SNx667C-i3V_A-aywcHEc_9b-a6Cxvq09-rsFEOYjwBTt_YH32gHGYKg2rt8uoI0Q6wtIA8oXHjRg09IGYW8RaVHgV3xMNJ3wLq6s7CQR2ecOvQhu4NGNHCVyirA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
205096.quj4co.700x575.jpg
fermer.blog/media/res/2/0/5/0/9/6/
55 KB
55 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/0/9/6/205096.quj4co.700x575.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
9c9ead4e85b18fa4ce5582d02dbd90b0dba5bea0e42741997c00c769e50447a9

Request headers

:path
/media/res/2/0/5/0/9/6/205096.quj4co.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:09 GMT
last-modified
Sat, 12 Jun 2021 06:06:35 GMT
server
cloudflare-nginx
etag
"60c44eeb-dc4f"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
56399
expires
Mon, 21 Jun 2021 04:24:09 GMT
205093.quj2lc.700x575.jpg
fermer.blog/media/res/2/0/5/0/9/3/
121 KB
122 KB
Image
General
Full URL
https://fermer.blog/media/res/2/0/5/0/9/3/205093.quj2lc.700x575.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS
ip61.ip-54-38-155.eu
Software
cloudflare-nginx /
Resource Hash
2e5ecdbb8c4586e846b25b40b2ca83b540e1eddd989b93c19f88127dfa49eaa0

Request headers

:path
/media/res/2/0/5/0/9/3/205093.quj2lc.700x575.jpg
pragma
no-cache
cookie
PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fermer.blog
referer
https://fermer.blog/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fermer.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:24:09 GMT
last-modified
Fri, 11 Jun 2021 08:21:09 GMT
server
cloudflare-nginx
etag
"60c31cf5-1e5fd"
content-type
image/jpeg
cache-control
max-age=259200 public must_revalidate
accept-ranges
bytes
content-length
124413
expires
Mon, 21 Jun 2021 04:24:09 GMT
/
best.aliexpress.ru/ Frame E2A1
Redirect Chain
  • https://s.click.aliexpress.com/e/_eKxu1T
  • https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1...
  • https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26aff_fsk%3D_eKxu1T%26aff_p...
  • https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=a5b7986305f54241bd6239a15fd6e0b8&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-16239...
  • https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1...
0
0
Document
General
Full URL
https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
Requested by
Host: fermer.blog
URL: https://fermer.blog/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.128.97.8 Moscow, Russian Federation, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
best.aliexpress.ru
:scheme
https
:path
/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fermer.blog/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
xman_us_f=x_l=0&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; xman_f=iEl04/ga53Qc5bmjYyD8uoUHeUKG4IcSWAOeV+6/mB14IxJi68K7TJt6we8ti3zCeY+IVeSK7NKW0uSmN5/ua8ta/RTqrjBNP/zjwnLotxe83mx9urSGlQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fermer.blog/

Response headers

date
Fri, 18 Jun 2021 04:24:11 GMT
content-type
text/html;charset=UTF-8
set-cookie
ali_apache_id=11.139.3.99.1623990251766.235514.0; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_locale=ru_RU&x_l=0&x_c_chg=1&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=156w57iezewp&acs_rt=6510504ed3894770b399c76b2009dcae; Domain=.aliexpress.ru; Path=/; Secure; SameSite=None intl_locale=ru_RU; Domain=.aliexpress.ru; Path=/ aep_usuc_f=site=rus&c_tp=RON&region=RO&b_locale=ru_RU; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None xman_t=GxFKysj+zv7+XD4w5Inf+13n4pxEicHo9eFxRrwXpyWyhqFuQwUN3oqZMtj07BXU; Domain=.aliexpress.ru; Expires=Thu, 16-Sep-2021 04:24:11 GMT; Path=/; Secure; SameSite=None; HttpOnly intl_common_forever=ejxU+fX9ptG6tvxkDx/d9DF7BQjH49yNHl41yRjnmgflL4INKu3Uxw==; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; HttpOnly JSESSIONID=CB88E6D2B5F6E1F14DE692FB090CE425; Path=/; HttpOnly
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-ru-ug-traffic-affiliateweb-f:prod,ru:7001
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
content-language
ru-RU
content-encoding
gzip
server
Tengine/Aserver
eagleeye-traceid
0b8b036316239902517647738e9a38
timing-allow-origin
*

Redirect headers

content-type
text/html;charset=UTF-8
content-length
0
p3p
CP="CAO PSA OUR"
location
https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
content-language
en-US
server
Tengine/Aserver
eagleeye-traceid
0ab6d67916239902512786603e412b
strict-transport-security
max-age=31536000
timing-allow-origin
*
date
Fri, 18 Jun 2021 04:24:11 GMT
set-cookie
ali_apache_id=10.182.214.121.1623990251561.436171.8; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None xman_f=3gWkuTHCRH7Xafoh/ITVnEh9QeNPIUpo43P0L3+dS7kIMTvHWay8CjYFG0WqSJXeFZG0r5FW4iVHcGzOWzqY6pvYWjdbRD/xDzRXUbwdAz04OBiu/Cg6ew==; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None; HttpOnly ali_apache_track=; Domain=.alibaba.com; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/ ali_apache_tracktmp=; Domain=.alibaba.com; Path=/ xman_us_f=x_l=0&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None xman_f=iEl04/ga53Qc5bmjYyD8uoUHeUKG4IcSWAOeV+6/mB14IxJi68K7TJt6we8ti3zCeY+IVeSK7NKW0uSmN5/ua8ta/RTqrjBNP/zjwnLotxe83mx9urSGlQ==; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None; HttpOnly e_id=pt60; Expires=Mon, 16 Jun 2031 04:24:11 GMT; Path=/; Domain=.aliexpress.ru

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| run$ object| rbConfig function| ym function| gtag object| dataLayer object| adfoxBiddersMap object| adUnits number| userTimeout object| YaHeaderBiddingSettings object| pcodeJsonp15075zaYqOdegES object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya number| blockAdv function| googleTest object| dataMenu number| slideImgIndex function| plusJournalImg function| currentJournalImg function| showJournalImg function| applyFilterEvents object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| yaCounter49991848 function| jQuery object| yii function| initS2ToggleAll function| initS2Order function| initS2Loading function| initS2Change function| initS2Unselect function| _createClass function| _typeof function| _classCallCheck object| obUserOrder function| createCookieLastTime function| ConfirmNew function| getCookieValue function| setCookieValue function| deleteCookie function| checkCookie function| generateUrlForCompare function| updateCompare object| lazySizesConfig object| lazySizes object| RPopup object| mobiscroll object| google_tag_data string| GoogleAnalyticsObject function| ga function| _defineProperties function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| ownKeys function| _objectSpread function| _defineProperty object| vztromState string| google_user_agent_client_hint boolean| yandex_context_perf_logging number| 1fffdd54b0939889325579b96e916b02rhXbfrCiva2QVB2310NJnZ function| addJquerysonYs function| take_ban_teasersonYs function| getUrlVarssonYs object| $sf object| yaSafeFrameAsyncCallbacks function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| $jscomp number| SesEOa2m2OKxd56JECgK string| rulvW5gntb number| intervalIDsonYs object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
.fermer.blog/ Name: __gads
Value: ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
.fermer.blog/ Name: _ym_d
Value: 1623990248
.fermer.blog/ Name: _gat_gtag_UA_2296780_10
Value: 1
.fermer.blog/ Name: _gid
Value: GA1.2.104431569.1623990248
.fermer.blog/ Name: _ga
Value: GA1.2.391944489.1623990248
.fermer.blog/ Name: _ym_isad
Value: 2
.fermer.blog/ Name: _ym_uid
Value: 1623990248466573642
fermer.blog/ Name: PHPSESSID
Value: rnekrai40ila1a5fre7fl6mujk
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
fermer.blog/ Name: counter_value
Value: 1623990248.111
fermer.blog/ Name: L
Value: ru
fermer.blog/ Name: obUserOrder
Value: %7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
adagropro.bid
adfox-c2s-ams.creativecdn.com
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.de
an.yandex.ru
best.aliexpress.ru
cdn.jsdelivr.net
duper8flash.com
fermer.blog
googleads.g.doubleclick.net
login.aliexpress.com
login.aliexpress.ru
m.mixadvert.com
matchid.adfox.yandex.ru
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
rbone.link
s.click.aliexpress.com
ssp.bidvol.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
yastatic.net
yhb.p.otm-r.com
135.181.113.13
138.201.65.68
142.250.185.66
147.135.189.55
184.25.114.68
184.25.115.167
185.184.8.65
193.232.148.152
23.111.200.118
2606:4700:3035::ac43:ba8f
2606:4700::6810:5714
2a00:1148:db00::17
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c08::9d
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
54.38.155.61
62.128.97.8
80.239.201.35
88.99.234.26
95.216.65.102
00d3218f520e042cfd3ae56059fe80bb508ed9a53c5efa2bee30bcc86e102ebb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02d7d530148f909cbcd564d11e51e525a5483c2bb96c0824ead3cad80da4fcde
0692210a571f4e87860d81e09e098a26f8818432a160b55bee01c82725cfa924
0a6083e0a6436372f3566176aac564fbbc032047d2ef217e8b82e70cb535eaed
0b05d38da00b982ff4bce48603f9086260d2fb7fe4beb6a575ac731acded8cc7
0e4356259cf7e321f995591532d4d1efca9eff6fe9e96e8fe9756aff0e53d377
0f0f0252af40031c16b425f1dc533b4d92631f4f8844151f7d3beb4adc5f78bf
14072c410ec89a243791f8ba77fe8e561892019b3c3d1fece1c040899ce601bf
158cc86064be37e4a3439dbe47d6aff68a473b7cad0c78e6ffaaf31fdc2fc32e
15c54892706255193928b41e2016fd55076d15132ac1f7d7c99f83f2ad2042ba
1927b6750875c9a99ec192519d682e9c54721d9333a661f3b05b8380d0533914
1de19e37d9ee4fab330156570bfa944767f181f5253945790961f2a0a17df53d
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22e075aeb3b00f19cf6e8aacd991bed21a95ed40ade9e109d93efeb2f1f2fc4d
2747dedd021734ef3bb348d81814f853d4ffadeb55c007a4efbefd3cedd1f057
289ef5fff74b67f8ef5b9f2ed202802678ae3b0d5be43776da56885e29b85acd
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e5ecdbb8c4586e846b25b40b2ca83b540e1eddd989b93c19f88127dfa49eaa0
2ffeaaeada2a16cdbf324b8e14de95944fa3f4bdeaf266400ec6d4f556c4f176
311acc0092839f7e1076f02f61360421eda5d305b0c9f2195804b62570822331
343f53581da223d0b17b2768ddeb95650292e130ba858f06974b5fa4bb7f6681
3624c823cee591910a981d13ab59ad210f4f3bb297ab400fb727d77a38f49971
378d65e3c899cd5bf984d9619597cbbcbc8494b8c3e5e0b46a0fd33dbb5af1d0
3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad
427f3a21ecdc1d620d62cfeaae30cdbd2a1b835aa335f06f5d25d8bc316cfba0
463e82928f67dc09955d633150e436bf026ab6df99c21f25c4552cecf68176a2
4672c078b98596a4fda744f12751d6edee5bcce073aa8b491ca84aaa53d6be8a
49b19211c626af3808cf9a7f2d51dded526414a5f5fe2181633cd7dbe4f070ff
4bb5d4b6b42315f8067cd09f49094deb8bfaa77c39ede7a1e4159874971659bc
506e2c3e4d35de9588db5c7198788e3cbb1e856270e548f1a72d0399c14c3bb8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5521308e79373d3f056261ba0bcc37ffac51c0cf0d81d98f1a631820358b7af0
5893454222dc0ac541735d7981aa1fedba66e9f46f7efc353099108a31a34606
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
6c4fa9f9471c182ce49e6f0b84d401f6daf7c02a64e506d73df26388a934f94a
6f25a539b2e408b79d5f3bc4b1132c0a8f921151e591638c3b1b2d8bea84ca64
736a55b0f0740265e09dd6655bf0d46a6729726e573c9d9a3bd0830e58c82a08
795790310dd3d1a10b0da4004302ede969b80a940edbd5ca98c514274e783cfe
7a5ec0f396843996f148f0c33c7678c2481db790d45a977521fcd2b8ec926dfa
7bb2fd1c2626dca108974c45f1ae5135b6ce3352045dcf194883e533b51ba4bd
83fbe5736b4e922e710f59f517ace260c1b5b7556778942d9b4d153d4d3d0060
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84a0ac1af28601c44dcdf95a9fcf1e100c5afe04506b122cb15e289638481061
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8564386cca4369e084929dfb0620636d20edf437bbfdc81575c6fd54ef52c28d
8ce7979da54407fc39e698dd0221135b4781952b6c525e94892f063416d725f3
8e913dfadd09d7ae8579a7a67a2c198c76ba617611ec87353702d47deac58a40
9059e7d0105db67bd3e96561b177a58461422dd06d25bebdbbf1805fa31f6c17
997f37ce8fdf9379eb57001260dc5f1f77b90421f655070a14509c5cf7ceea3c
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9a372c442ebea763b361e5162586c34ba85e3256cbba806a96681d3b221cc3d3
9c9ead4e85b18fa4ce5582d02dbd90b0dba5bea0e42741997c00c769e50447a9
a3483cab20283886050244fd10ef25b130face8457f2c0e68471daf71c53ae88
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a86d297bdcc1a745dc5d2269ac19be309930d0ba1782017dc5d10d9069697441
ac2f1074e0f95af484fa25ac94cd041e43e3ca2b52be7b856c9e82112790b641
b15e9d1dedd89275d00472ade8812ea2be5331a10b205cac3285a87e019e0a20
b19161b3bab59d5ef83007594ae056ecb4812458dccb41da9bc9bcfa2a5e3259
b39292561e944b75c7a3328b05d8b56d7739ae1f59b9eb5d104dabe490ddb68b
b5de2562c24841d2187c9b9c6453d8362291490e92535843bf2de531b98d5958
b7a21d702ec257ff7a089f80819d4041225470583e48381b08d730012100e4a5
bb1c48b1682bb5e9020bf9bf3901c86bd42d3195b6226cefd36506f28048e18e
bbc69adf79c29b029358be3e0a0458597df4ea33ebe4f097355ad26d9a9ee350
bc80fda15b4d5faf768f2b1e35a63d7324d87d087c03f0fba57369d329a068ce
bf85e0163e0ba6f5491d12d76c457bf1ed4ab4bf303ee0a0109cf62560540164
c4228739949677944fab2a8736d6e7d7eba90673a18f091d27e6901855419f02
c7fa967418c5b9209d9c8e5ebd5e07d54034ac9e01579d77dffb5833d3c03e7b
cbaac130e8e1894a7bf0d1ef045e33ed5e42802fc6eeb798b70c9aa41ff1a994
d429e892190bf733e7114622a740ffb682b653ebad20b57120dd9c3200d5f14b
d8ff1c4ec7dcf5d1073299e7e03d72a416b99bef68b10d98d058c6637aa4527c
dc5c723556281b2c8451c69c53e207e878d86df390e548bd8447660ef5f0266b
dda77fa1a85122150321a05dec16d560aeba1a36c458be53ae63641184533489
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df898e8c5b92596ba625e32ab97892cef1b63d2c975ede8a3b032b5d140dce05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ec1cc44338355879c2c26b3d8fac9bbae4c4522365cb36476a3b4677aa3dfaad
ed1986f28a8dd0a54419e161cbc44193a19512f5127b0938fb7860f762310981
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f461975e496ead61e69b457728886d368507ed4f929888086ff692298658e657
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f912d1c5f1dd5fe68b179605f04f548c0aef4ec5cf4a4774ef29356edc86aec1
fddc754aa71f746b777a9e5e90581316fa6f615b3e9eafc7ba0ac8fb5d5fccea
fe9cef577cc33db6ded51ef00be25fcc4de06b38114e67fbe0e9008e152d1618