fermer.blog Open in urlscan Pro
54.38.155.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fermer.blog/
Effective URL:
https://fermer.blog/
Submission: On June 18 via manual (June 18th 2021, 4:24:31 am UTC) from RU

Summary HTTP 110 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 26 domains to perform 110 HTTP transactions. The main IP is 54.38.155.61, located in France and belongs to OVH, FR. The main domain is fermer.blog.
TLS certificate: Issued by R3 on May 18th 2021. Valid for: 3 months.

This is the only time fermer.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 55	54.38.155.61 54.38.155.61	16276 (OVH) (OVH)
4	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3035::ac43:ba8f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 7	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	88.99.234.26 88.99.234.26	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 2	80.239.201.35 80.239.201.35	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
2	138.201.65.68 138.201.65.68	24940 (HETZNER-AS) (HETZNER-AS)
2 4	193.232.148.152 193.232.148.152	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	135.181.113.13 135.181.113.13	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2 2	184.25.115.167 184.25.115.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	62.128.97.8 62.128.97.8	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1 1	184.25.114.68 184.25.114.68	16625 (AKAMAI-AS) (AKAMAI-AS)
110	31

55 54.38.155.61 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip61.ip-54-38-155.eu

fermer.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

rbone.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adagropro.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:ba8f (United States)

ASN13335 (CLOUDFLARENET, US)

duper8flash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.35 (Sweden) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-35.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.65.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.65.201.138.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.232.148.152 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.181.113.13 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.113.181.135.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.115.167 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-167.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.128.97.8 (Moscow, Russian Federation) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

best.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.114.68 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-114-68.deploy.static.akamaitechnologies.com

login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	fermer.blog 1 redirects fermer.blog	2 MB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
7	yandex.ru 2 redirects an.yandex.ru mc.yandex.ru matchid.adfox.yandex.ru	69 KB
7	yastatic.net 1 redirects yastatic.net	231 KB
4	adhigh.net 2 redirects px.adhigh.net	1 KB
3	aliexpress.ru 2 redirects best.aliexpress.ru login.aliexpress.ru	2 KB
3	google.com adservice.google.com www.google.com	803 B
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
3	adagropro.bid adagropro.bid	18 KB
2	aliexpress.com 2 redirects s.click.aliexpress.com login.aliexpress.com	3 KB
2	google.de adservice.google.de www.google.de	272 B
2	bidvol.com ssp.bidvol.com	883 B
2	mail.ru ad.mail.ru	668 B
2	creativecdn.com adfox-c2s-ams.creativecdn.com	410 B
2	otm-r.com yhb.p.otm-r.com	475 B
2	betweendigital.com ads.betweendigital.com	2 KB
2	webvisor.org 1 redirects mc.webvisor.org	713 B
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	257 B
1	jsdelivr.net cdn.jsdelivr.net	77 KB
1	mixadvert.com m.mixadvert.com	3 KB
1	digitalcaramel.com ads.digitalcaramel.com	816 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	duper8flash.com duper8flash.com	16 KB
1	rbone.link rbone.link	10 KB
110	26

	Domain	Requested by
55	fermer.blog	1 redirects fermer.blog
8	pagead2.googlesyndication.com	fermer.blog pagead2.googlesyndication.com tpc.googlesyndication.com
7	yastatic.net	1 redirects fermer.blog yastatic.net
5	mc.yandex.ru	2 redirects fermer.blog cdn.jsdelivr.net
4	px.adhigh.net	2 redirects fermer.blog
3	adagropro.bid	fermer.blog adagropro.bid
2	best.aliexpress.ru	1 redirects fermer.blog
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	fermer.blog tpc.googlesyndication.com
2	ssp.bidvol.com	yastatic.net
2	ad.mail.ru	yastatic.net
2	adfox-c2s-ams.creativecdn.com	yastatic.net
2	yhb.p.otm-r.com	yastatic.net
2	ads.betweendigital.com	yastatic.net
2	mc.webvisor.org	1 redirects fermer.blog
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	www.google.de	fermer.blog
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	matchid.adfox.yandex.ru	yastatic.net
1	cdn.jsdelivr.net	fermer.blog
1	m.mixadvert.com	fermer.blog
1	an.yandex.ru	fermer.blog
1	ads.digitalcaramel.com	fermer.blog
1	www.googletagmanager.com	fermer.blog
1	duper8flash.com	fermer.blog
1	rbone.link	fermer.blog
110	34

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
t.me
www.instagram.com
ok.ru
zen.yandex.ru
www.pinterest.ru
vk.com
flipboard.com

Subject Issuer	Validity	Valid
fermer.blog R3	`2021-05-18` - `2021-08-16`	3 months	crt.sh
rbone.link R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
adagropro.bid R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
caramel.am R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
m.mixadvert.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
mc.webvisor.com Yandex CA	`2021-03-11` - `2021-09-02`	6 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-03-16` - `2021-09-08`	6 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.ltmse.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
ssp.bidvol.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.aliexpress.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-06-07` - `2022-06-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://fermer.blog/
Frame ID: BFB16BC39D434D1D2FC84C661D281CC4
Requests: 104 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: E818CA2BC03532AEB8464BDFC85D345E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1623990248&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffermer.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623990248135&bpp=4&bdt=509&idt=226&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4694270273135&frm=20&pv=2&ga_vid=391944489.1623990248&ga_sid=1623990248&ga_hid=1593283379&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744439%2C31061218&oid=3&pvsid=2603753061062433&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
Frame ID: 619FECF37AE671A528871715785D86DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: C8702CE2D3B17EDF02F2FB14F06A83BA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0688AC4F05F4DC2403329E488FEDCF76
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
Frame ID: E2A1B533C9A007134A78697F1E617B18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fermer.blog/ HTTP 301
https://fermer.blog/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

110
Requests

100 %
HTTPS

58 %
IPv6

26
Domains

34
Subdomains

31
IPs

8
Countries

2279 kB
Transfer

5891 kB
Size

12
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCOyyC1r5Eapza6SCEA8QSxg/featured
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fermerblog
Title:

Search URL Search Domain Scan URL

URL: https://t.me/project_Fermer_blog
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fermerblog/
Title:

Search URL Search Domain Scan URL

URL: https://ok.ru/fermer.blog
Title:

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/fermerblog
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.ru/fermer_blog/
Title:

Search URL Search Domain Scan URL

URL: https://vk.com/fermer.blog
Title:

Search URL Search Domain Scan URL

URL: https://flipboard.com/@fermerblogtrue?from=share&utm_source=flipboard&utm_medium=share
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fermer.blog/ HTTP 301
https://fermer.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://an.yandex.ru/system/adfox.js

Request Chain 53

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248

Request Chain 67

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9307.MBjWXqnSkNfoBb9PXghLhMp7lJ5AGQOgb_nf-5qEdzLOOaTR2bFt-5tDO78c9UEQ.uPYcWA7uO6fAD9y2_9nUdqR8uK4%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMyM%2C

Request Chain 71

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 77

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 108

https://s.click.aliexpress.com/e/_eKxu1T HTTP 302
https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8 HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26aff_fsk%3D_eKxu1T%26aff_platform%3Dportals-tool%26sk%3D_eKxu1T%26aff_trace_key%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26terminal_id%3Da5b7986305f54241bd6239a15fd6e0b8 HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=a5b7986305f54241bd6239a15fd6e0b8&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26aff_fsk%3D_eKxu1T%26aff_platform%3Dportals-tool%26sk%3D_eKxu1T%26aff_trace_key%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26terminal_id%3Da5b7986305f54241bd6239a15fd6e0b8 HTTP 302
https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fermer.blog/
Redirect Chain

http://fermer.blog/
https://fermer.blog/

114 KB
22 KB

341ms
304ms

Document
text/html

54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://fermer.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

cloudflare-nginx /

Resource Hash

5893454222dc0ac541735d7981aa1fedba66e9f46f7efc353099108a31a34606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

:method: GET
:authority: fermer.blog
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: cloudflare-nginx
date: Fri, 18 Jun 2021 04:24:07 GMT
content-type: text/html; charset=UTF-8
content-length: 21507
set-cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; path=/; secure; HttpOnly L=ru; expires=Sat, 18-Jun-2022 04:24:07 GMT; Max-Age=31536000; path=/ obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; expires=Sun, 18-Jul-2021 04:24:07 GMT; Max-Age=2592000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000
x-frame-options: deny

Redirect headers

Server: cloudflare-nginx
Date: Fri, 18 Jun 2021 04:24:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://fermer.blog/

GET
H2 200 app.js Show response
fermer.blog/assets/1489be27/build/js/ 47 KB
14 KB 23ms
22ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/1489be27/build/js/app.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 158cc86064be37e4a3439dbe47d6aff68a473b7cad0c78e6ffaaf31fdc2fc32e

Request headers

:path: /assets/1489be27/build/js/app.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:31 GMT
server: cloudflare-nginx
etag: W/"6074239f-bda8"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 1fffdd54b0939889325579b96e916b02.js Show response
rbone.link/pjs/ 37 KB
10 KB 282ms
184ms Script
application/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rbone.link/pjs/1fffdd54b0939889325579b96e916b02.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: d429e892190bf733e7114622a740ffb682b653ebad20b57120dd9c3200d5f14b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Fri, 18 Jun 2021 02:02:10 GMT
server: cloudflare-nginx
etag: W/"60cbfea2-935d"
content-type: application/javascript
cache-control: max-age=259200, public, must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 YandexSansText-Regular.woff
fermer.blog/font/ 66 KB
67 KB 26ms
25ms Font
font/woff 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/font/YandexSansText-Regular.woff
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 997f37ce8fdf9379eb57001260dc5f1f77b90421f655070a14509c5cf7ceea3c

Request headers

sec-fetch-mode: cors
origin: https://fermer.blog
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
:path: /font/YandexSansText-Regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://fermer.blog
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
last-modified: Mon, 12 Apr 2021 10:39:24 GMT
server: cloudflare-nginx
etag: "6074235c-10918"
content-type: font/woff
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 67864
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 67nu.min.js Show response
adagropro.bid/ 62 KB
18 KB 202ms
75ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adagropro.bid/67nu.min.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: 02d7d530148f909cbcd564d11e51e525a5483c2bb96c0824ead3cad80da4fcde

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
server: cloudflare-nginx
duration: 268269
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Fri, 18-Jun-2021 07:29:08 EEST

GET
H2 200 5eda5a6b76d74fed0e13471c Show response
duper8flash.com/j/ 73 KB
16 KB 50ms
21ms Script
application/javascript 2606:4700:3035::ac43:ba8f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duper8flash.com/j/5eda5a6b76d74fed0e13471c

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:ba8f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec1cc44338355879c2c26b3d8fac9bbae4c4522365cb36476a3b4677aa3dfaad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uhdAanONZ4VeBwOdVIe0XTXBQGfRgysvzuhjP9u4PRvOJmBx488wbCQqjzv0RNpfjeEiuax6IzPw0phfKQrQ4WGEMbXtmu047Y65XUf7bbVr93CPn9bHVNiqhygnJQPhlUMFH2cDcmNW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=31536000
cf-ray: 6611bf0a5e97d6ed-FRA
vary: Accept-Encoding
cf-request-id: 0abef5ba7c0000d6ed2619e000000001

GET
H2 200 select2.min.css
fermer.blog/assets/98b7cf3f/css/ 3 KB
832 B 37ms
35ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/98b7cf3f/css/select2.min.css
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: f912d1c5f1dd5fe68b179605f04f548c0aef4ec5cf4a4774ef29356edc86aec1

Request headers

:path: /assets/98b7cf3f/css/select2.min.css
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:35 GMT
server: cloudflare-nginx
etag: W/"607423a3-aae"
content-type: text/css
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 select2-addl.min.css
fermer.blog/assets/98b7cf3f/css/ 880 B
557 B 37ms
35ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/98b7cf3f/css/select2-addl.min.css
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 289ef5fff74b67f8ef5b9f2ed202802678ae3b0d5be43776da56885e29b85acd

Request headers

:path: /assets/98b7cf3f/css/select2-addl.min.css
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:35 GMT
server: cloudflare-nginx
etag: W/"607423a3-370"
content-type: text/css
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 select2-krajee.min.css
fermer.blog/assets/98b7cf3f/css/ 17 KB
3 KB 37ms
35ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/98b7cf3f/css/select2-krajee.min.css
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: bb1c48b1682bb5e9020bf9bf3901c86bd42d3195b6226cefd36506f28048e18e

Request headers

:path: /assets/98b7cf3f/css/select2-krajee.min.css
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:35 GMT
server: cloudflare-nginx
etag: W/"607423a3-4512"
content-type: text/css
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 event_all.css
fermer.blog/assets/d7275ed6/css/ 576 KB
67 KB 40ms
38ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/d7275ed6/css/event_all.css
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 378d65e3c899cd5bf984d9619597cbbcbc8494b8c3e5e0b46a0fd33dbb5af1d0

Request headers

:path: /assets/d7275ed6/css/event_all.css
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:31 GMT
server: cloudflare-nginx
etag: W/"6074239f-9003f"
content-type: text/css
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 mobiscroll.jquery.min.css
fermer.blog/assets/ae2ad131/css/ 627 KB
56 KB 46ms
44ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/ae2ad131/css/mobiscroll.jquery.min.css
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 8564386cca4369e084929dfb0620636d20edf437bbfdc81575c6fd54ef52c28d

Request headers

:path: /assets/ae2ad131/css/mobiscroll.jquery.min.css
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:36 GMT
server: cloudflare-nginx
etag: W/"607423a4-9cbee"
content-type: text/css
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 state.css
fermer.blog/assets/d7275ed6/css/ 349 KB
43 KB 51ms
49ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/d7275ed6/css/state.css
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 14072c410ec89a243791f8ba77fe8e561892019b3c3d1fece1c040899ce601bf

Request headers

:path: /assets/d7275ed6/css/state.css
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:31 GMT
server: cloudflare-nginx
etag: W/"6074239f-57476"
content-type: text/css
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
36 KB 25ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2296780-10

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a372c442ebea763b361e5162586c34ba85e3256cbba806a96681d3b221cc3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36245
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 04:24:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48867
x-xss-protection: 0
server: cafe
etag: 2918852401321146490
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 04:24:08 GMT

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 151 KB
33 KB 173ms
84ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0a6083e0a6436372f3566176aac564fbbc032047d2ef217e8b82e70cb535eaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 33401
last-modified: Thu, 17 Jun 2021 13:46:47 GMT
server: nginx/1.17.9
etag: "3f44ae92bed91e17d37f376a4c87a109"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jun 2021 05:22:56 GMT

GET
H2 200 fermer.blog.js Show response
ads.digitalcaramel.com/js/ 3 KB
816 B 85ms
23ms Script
application/javascript 88.99.234.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.digitalcaramel.com/js/fermer.blog.js

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

digitalcaramel.com

Software

nginx /

Resource Hash

4bb5d4b6b42315f8067cd09f49094deb8bfaa77c39ede7a1e4159874971659bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jun 2021 12:21:31 GMT
server: nginx
etag: W/"60c9eccb-a9e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

adfox.js Show response
an.yandex.ru/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://an.yandex.ru/system/adfox.js

255 KB
67 KB

163ms
73ms

Script
text/javascript

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/adfox.js

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b39292561e944b75c7a3328b05d8b56d7739ae1f59b9eb5d104dabe490ddb68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 2599319240
x-yandex-req-id: 1623990247884495-170892574264298269500179-production-app-host-man-pcode-57
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 18 Jun 2021 05:24:07 GMT

Redirect headers

date: Fri, 18 Jun 2021 04:24:07 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://an.yandex.ru/system/adfox.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 adblock.js Show response
fermer.blog/js/ 58 B
287 B 22ms
18ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/js/adblock.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 1de19e37d9ee4fab330156570bfa944767f181f5253945790961f2a0a17df53d

Request headers

:path: /js/adblock.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-3a"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 datepicker.min.js Show response
fermer.blog/js/ 1 KB
1 KB 22ms
18ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/js/datepicker.min.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: d8ff1c4ec7dcf5d1073299e7e03d72a416b99bef68b10d98d058c6637aa4527c

Request headers

:path: /js/datepicker.min.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Tue, 13 Oct 2020 08:41:20 GMT
server: cloudflare-nginx
etag: W/"5f856830-56d"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 youtube1.svg
fermer.blog/images/fermer/social/ 723 B
561 B 23ms
19ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/youtube1.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: b7a21d702ec257ff7a089f80819d4041225470583e48381b08d730012100e4a5

Request headers

:path: /images/fermer/social/youtube1.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-2d3"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 fb.svg
fermer.blog/images/fermer/social/ 411 B
471 B 23ms
19ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/fb.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 795790310dd3d1a10b0da4004302ede969b80a940edbd5ca98c514274e783cfe

Request headers

:path: /images/fermer/social/fb.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-19b"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 telegram.svg
fermer.blog/images/fermer/social/ 540 B
545 B 23ms
19ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/telegram.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 736a55b0f0740265e09dd6655bf0d46a6729726e573c9d9a3bd0830e58c82a08

Request headers

:path: /images/fermer/social/telegram.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-21c"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 inst.svg
fermer.blog/images/fermer/social/ 3 KB
1 KB 23ms
20ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/inst.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: cbaac130e8e1894a7bf0d1ef045e33ed5e42802fc6eeb798b70c9aa41ff1a994

Request headers

:path: /images/fermer/social/inst.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-c92"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 ok.svg
fermer.blog/images/fermer/social/ 1 KB
774 B 23ms
20ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/ok.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: dda77fa1a85122150321a05dec16d560aeba1a36c458be53ae63641184533489

Request headers

:path: /images/fermer/social/ok.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-4dd"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 dzen.svg
fermer.blog/images/fermer/social/ 684 B
574 B 24ms
20ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/dzen.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: f461975e496ead61e69b457728886d368507ed4f929888086ff692298658e657

Request headers

:path: /images/fermer/social/dzen.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-2ac"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 pinterest.svg
fermer.blog/images/fermer/social/ 1 KB
869 B 31ms
28ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/pinterest.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 84a0ac1af28601c44dcdf95a9fcf1e100c5afe04506b122cb15e289638481061

Request headers

:path: /images/fermer/social/pinterest.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-4ed"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 vk.svg
fermer.blog/images/fermer/social/ 2 KB
998 B 31ms
28ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/vk.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: fddc754aa71f746b777a9e5e90581316fa6f615b3e9eafc7ba0ac8fb5d5fccea

Request headers

:path: /images/fermer/social/vk.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-699"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 flipboard.svg
fermer.blog/images/fermer/socials24x24/ 297 B
412 B 31ms
28ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/socials24x24/flipboard.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: fe9cef577cc33db6ded51ef00be25fcc4de06b38114e67fbe0e9008e152d1618

Request headers

:path: /images/fermer/socials24x24/flipboard.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-129"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 star.svg
fermer.blog/images/fermer/icons24x24/ 343 B
436 B 31ms
29ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/icons24x24/star.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 6c4fa9f9471c182ce49e6f0b84d401f6daf7c02a64e506d73df26388a934f94a

Request headers

:path: /images/fermer/icons24x24/star.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-157"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 add-to-calendar.svg
fermer.blog/images/event1/ 303 B
431 B 32ms
29ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/event1/add-to-calendar.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 0e4356259cf7e321f995591532d4d1efca9eff6fe9e96e8fe9756aff0e53d377

Request headers

:path: /images/event1/add-to-calendar.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-12f"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 loading.gif
fermer.blog/images/auto/ 16 KB
16 KB 33ms
30ms Image
image/gif 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/auto/loading.gif
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: ed1986f28a8dd0a54419e161cbc44193a19512f5127b0938fb7860f762310981

Request headers

:path: /images/auto/loading.gif
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: "6074235d-3e76"
content-type: image/gif
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 15990
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 youtubevideo-btn__icon.svg
fermer.blog/images/fermer/youtubepopup/ 667 B
570 B 33ms
31ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/youtubepopup/youtubevideo-btn__icon.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: ac2f1074e0f95af484fa25ac94cd041e43e3ca2b52be7b856c9e82112790b641

Request headers

:path: /images/fermer/youtubepopup/youtubevideo-btn__icon.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-29b"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 new-logo.png
fermer.blog/images/fermer/ 4 KB
5 KB 33ms
31ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/new-logo.png
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 7a5ec0f396843996f148f0c33c7678c2481db790d45a977521fcd2b8ec926dfa

Request headers

:path: /images/fermer/new-logo.png
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: "6074235d-1148"
content-type: image/png
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 4424
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 youtube.svg
fermer.blog/images/fermer/social/ 947 B
629 B 34ms
31ms Image
image/svg+xml 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/social/youtube.svg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 506e2c3e4d35de9588db5c7198788e3cbb1e856270e548f1a72d0399c14c3bb8

Request headers

:path: /images/fermer/social/youtube.svg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-3b3"
content-type: image/svg+xml
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 jquery.min.js Show response
fermer.blog/assets/5902b29c/ 87 KB
30 KB 22ms
22ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/5902b29c/jquery.min.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path: /assets/5902b29c/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:31 GMT
server: cloudflare-nginx
etag: W/"6074239f-15d84"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 yii.js Show response
fermer.blog/assets/56ae9659/ 20 KB
6 KB 20ms
20ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/56ae9659/yii.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

:path: /assets/56ae9659/yii.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:32 GMT
server: cloudflare-nginx
etag: W/"607423a0-51c6"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 select2.full.min.js Show response
fermer.blog/assets/98b7cf3f/js/ 73 KB
19 KB 25ms
25ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/98b7cf3f/js/select2.full.min.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 15c54892706255193928b41e2016fd55076d15132ac1f7d7c99f83f2ad2042ba

Request headers

:path: /assets/98b7cf3f/js/select2.full.min.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:35 GMT
server: cloudflare-nginx
etag: W/"607423a3-124aa"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 select2-krajee.min.js Show response
fermer.blog/assets/98b7cf3f/js/ 3 KB
1 KB 18ms
18ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/98b7cf3f/js/select2-krajee.min.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 0b05d38da00b982ff4bce48603f9086260d2fb7fe4beb6a575ac731acded8cc7

Request headers

:path: /assets/98b7cf3f/js/select2-krajee.min.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:07 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:35 GMT
server: cloudflare-nginx
etag: W/"607423a3-bf1"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:07 GMT

GET
H2 200 jquery.pjax.js Show response
fermer.blog/assets/fa61e387/ 29 KB
9 KB 19ms
19ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/fa61e387/jquery.pjax.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 49b19211c626af3808cf9a7f2d51dded526414a5f5fe2181633cd7dbe4f070ff

Request headers

:path: /assets/fa61e387/jquery.pjax.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:36 GMT
server: cloudflare-nginx
etag: W/"607423a4-7259"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 / Show response
m.mixadvert.com/show/ 3 KB
3 KB 143ms
43ms Script
application/javascript 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show/?id=7813

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

8ce7979da54407fc39e698dd0221135b4781952b6c525e94892f063416d725f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 scroll.js Show response
fermer.blog/assets/ae2ad131/js/ 288 KB
89 KB 28ms
28ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/assets/ae2ad131/js/scroll.js
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: dc5c723556281b2c8451c69c53e207e878d86df390e548bd8447660ef5f0266b

Request headers

:path: /assets/ae2ad131/js/scroll.js
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:40:36 GMT
server: cloudflare-nginx
etag: W/"607423a4-47f18"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 login-popup Show response
fermer.blog/ubi/user2/ 7 KB
2 KB 37ms
33ms Script
text/html 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://fermer.blog/ubi/user2/login-popup?preload=1

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

cloudflare-nginx /

Resource Hash

4672c078b98596a4fda744f12751d6edee5bcce073aa8b491ca84aaa53d6be8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

:path: /ubi/user2/login-popup?preload=1
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare-nginx
x-frame-options: deny
content-type: text/html; charset=UTF-8
set-cookie: L=ru; expires=Sat, 18-Jun-2022 04:24:08 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000
content-length: 1837
expires: Fri, 18 Jun 2021 05:24:08 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 219 KB
77 KB 29ms
27ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463e82928f67dc09955d633150e436bf026ab6df99c21f25c4552cecf68176a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23285
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abef5ba6300004aaff70ed000000001
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"36b8f-F/1WhPP6O6j7eOu8y9brkoJHvMU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6611bf0a3e634aaf-FRA

GET
H2 200 aa5674ac5201d549ef10.js Show response
yastatic.net/partner-code-bundles/15075/ 78 KB
17 KB 61ms
61ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/15075/aa5674ac5201d549ef10.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1927b6750875c9a99ec192519d682e9c54721d9333a661f3b05b8380d0533914

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://fermer.blog
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17064
last-modified: Wed, 16 Jun 2021 16:51:27 GMT
server: nginx/1.17.9
etag: "8a689b646d9a642fbe14698d68692cb0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Jun 2051 10:58:21 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 136ms
134ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://fermer.blog
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Jun 2051 10:56:59 GMT

GET
H2 200 3b38035a3b53eff806a6.js Show response
yastatic.net/partner-code-bundles/15075/ 12 KB
5 KB 80ms
80ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/15075/3b38035a3b53eff806a6.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a86d297bdcc1a745dc5d2269ac19be309930d0ba1782017dc5d10d9069697441

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://fermer.blog
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4207
last-modified: Wed, 16 Jun 2021 16:51:27 GMT
server: nginx/1.17.9
etag: "259f2f9b0188e95d03d13fdbc555a28f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Jun 2051 10:55:37 GMT

GET
H2 200 4e54d16adf9ff7474572.js Show response
yastatic.net/partner-code-bundles/15075/ 501 KB
106 KB 99ms
99ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/15075/4e54d16adf9ff7474572.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

427f3a21ecdc1d620d62cfeaae30cdbd2a1b835aa335f06f5d25d8bc316cfba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://fermer.blog
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 107487
last-modified: Wed, 16 Jun 2021 16:51:27 GMT
server: nginx/1.17.9
etag: "790098d20deed3476438855dff82731c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Jun 2051 10:55:37 GMT

GET
H2 200 24b0216eb9b9e1f57576.js Show response
yastatic.net/partner-code-bundles/15075/ 338 KB
62 KB 139ms
138ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/15075/24b0216eb9b9e1f57576.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bbc69adf79c29b029358be3e0a0458597df4ea33ebe4f097355ad26d9a9ee350

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://fermer.blog
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62514
last-modified: Wed, 16 Jun 2021 16:51:27 GMT
server: nginx/1.17.9
etag: "7ccd5cd019f0f5b4cff232e88617322d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Jun 2051 10:55:40 GMT

GET
H2 200 site-logo49.png
fermer.blog/images/fermer/ 5 KB
5 KB 24ms
24ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/site-logo49.png
Requested by: Host: fermer.blog
URL: https://fermer.blog/assets/d7275ed6/css/state.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: b19161b3bab59d5ef83007594ae056ecb4812458dccb41da9bc9bcfa2a5e3259

Request headers

:path: /images/fermer/site-logo49.png
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/assets/d7275ed6/css/state.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/assets/d7275ed6/css/state.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: "6074235d-1241"
content-type: image/png
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 4673
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 loading.gif
fermer.blog/images/fermer/ 16 KB
16 KB 21ms
18ms Image
image/gif 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/loading.gif
Requested by: Host: fermer.blog
URL: https://fermer.blog/assets/d7275ed6/css/state.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: ed1986f28a8dd0a54419e161cbc44193a19512f5127b0938fb7860f762310981

Request headers

:path: /images/fermer/loading.gif
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/assets/d7275ed6/css/state.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/assets/d7275ed6/css/state.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: "6074235d-3e76"
content-type: image/gif
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 15990
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 post-slider-arrow.png
fermer.blog/images/fermer/ 1 KB
1 KB 20ms
19ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/images/fermer/post-slider-arrow.png
Requested by: Host: fermer.blog
URL: https://fermer.blog/assets/d7275ed6/css/state.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: a3483cab20283886050244fd10ef25b130face8457f2c0e68471daf71c53ae88

Request headers

:path: /images/fermer/post-slider-arrow.png
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/assets/d7275ed6/css/state.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/assets/d7275ed6/css/state.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: "6074235d-43d"
content-type: image/png
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 1085
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 /
fermer.blog/ 64 KB
64 KB 340ms
338ms Image
text/html 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fermer.blog/

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

cloudflare-nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

:path: /
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
vary: Accept-Encoding
server: cloudflare-nginx
x-frame-options: deny
content-type: text/html; charset=UTF-8
set-cookie: L=ru; expires=Sat, 18-Jun-2022 04:24:08 GMT; Max-Age=31536000; path=/ obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; expires=Sun, 18-Jul-2021 04:24:08 GMT; Max-Age=2592000; path=/
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
content-length: 21507
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ 233 KB
86 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88106
x-xss-protection: 0
server: cafe
etag: 14514754445097133811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 04:24:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame E818 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210616/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fermer.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fermer.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 17 Jun 2021 19:02:37 GMT
expires: Thu, 01 Jul 2021 19:02:37 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 33691
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

35 B
69 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Jun-2021 04:24:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fermer.blog
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 04:24:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Fri, 18-Jun-2021 04:24:08 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A2%3Adp%3A0%3Als%3A274798009061%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A1051829563%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Ati%3A2%3Ast%3A1623990248
strict-transport-security: max-age=31536000
access-control-allow-origin: https://fermer.blog
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 04:24:08 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
174 B 46ms
46ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Thu, 17 Jun 2021 09:26:05 GMT
etag: "60bf3bc8-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Jun 2021 05:24:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2296780-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5131
date: Fri, 18 Jun 2021 02:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 04:58:37 GMT

GET
H2 200 204797.qrac8c.1250x540.webp
fermer.blog/media/res/2/0/4/7/9/7/ 68 KB
68 KB 21ms
18ms Image
image/webp 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/4/7/9/7/204797.qrac8c.1250x540.webp
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 83fbe5736b4e922e710f59f517ace260c1b5b7556778942d9b4d153d4d3d0060

Request headers

:path: /media/res/2/0/4/7/9/7/204797.qrac8c.1250x540.webp
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 13:04:50 GMT
server: cloudflare-nginx
etag: "60744572-1100e"
content-type: image/webp
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 69646
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 204700.qpyytc.910x830.webp
fermer.blog/media/res/2/0/4/7/0/0/ 66 KB
66 KB 23ms
20ms Image
image/webp 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/4/7/0/0/204700.qpyytc.910x830.webp
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 22e075aeb3b00f19cf6e8aacd991bed21a95ed40ade9e109d93efeb2f1f2fc4d

Request headers

:path: /media/res/2/0/4/7/0/0/204700.qpyytc.910x830.webp
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 12 Apr 2021 13:04:50 GMT
server: cloudflare-nginx
etag: "60744572-108d0"
content-type: image/webp
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 67792
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 205117.qur570.700x575.jpg
fermer.blog/media/res/2/0/5/1/1/7/ 86 KB
87 KB 24ms
22ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/1/7/205117.qur570.700x575.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 0692210a571f4e87860d81e09e098a26f8818432a160b55bee01c82725cfa924

Request headers

:path: /media/res/2/0/5/1/1/7/205117.qur570.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Thu, 17 Jun 2021 06:02:34 GMT
server: cloudflare-nginx
etag: "60cae57a-158d7"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 88279
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 205114.quqouo.700x575.jpg
fermer.blog/media/res/2/0/5/1/1/4/ 49 KB
49 KB 28ms
25ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/1/4/205114.quqouo.700x575.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 311acc0092839f7e1076f02f61360421eda5d305b0c9f2195804b62570822331

Request headers

:path: /media/res/2/0/5/1/1/4/205114.quqouo.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Wed, 16 Jun 2021 06:03:31 GMT
server: cloudflare-nginx
etag: "60c99433-c2ee"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 49902
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 205108.quov2c.700x575.jpg
fermer.blog/media/res/2/0/5/1/0/8/ 79 KB
79 KB 29ms
26ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/0/8/205108.quov2c.700x575.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 00d3218f520e042cfd3ae56059fe80bb508ed9a53c5efa2bee30bcc86e102ebb

Request headers

:path: /media/res/2/0/5/1/0/8/205108.quov2c.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Tue, 15 Jun 2021 06:00:31 GMT
server: cloudflare-nginx
etag: "60c841ff-13c6a"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 81002
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 73774.pr3dh0.430.jpg
fermer.blog/media/res/7/3/7/7/4/ 59 KB
59 KB 29ms
27ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/7/3/7/7/4/73774.pr3dh0.430.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 2ffeaaeada2a16cdbf324b8e14de95944fa3f4bdeaf266400ec6d4f556c4f176

Request headers

:path: /media/res/7/3/7/7/4/73774.pr3dh0.430.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Tue, 07 May 2019 11:58:48 GMT
server: cloudflare-nginx
etag: "5cd172f8-ea0d"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 59917
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 62827.ppn8uo.430.jpg
fermer.blog/media/res/6/2/8/2/7/ 55 KB
55 KB 29ms
27ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/6/2/8/2/7/62827.ppn8uo.430.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 8e913dfadd09d7ae8579a7a67a2c198c76ba617611ec87353702d47deac58a40

Request headers

:path: /media/res/6/2/8/2/7/62827.ppn8uo.430.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 08 Apr 2019 15:33:52 GMT
server: cloudflare-nginx
etag: "5cab69e0-dc8f"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 56463
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 51288.pnl830.430.jpg
fermer.blog/media/res/5/1/2/8/8/ 74 KB
74 KB 29ms
27ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/5/1/2/8/8/51288.pnl830.430.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 0f0f0252af40031c16b425f1dc533b4d92631f4f8844151f7d3beb4adc5f78bf

Request headers

:path: /media/res/5/1/2/8/8/51288.pnl830.430.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Wed, 27 Feb 2019 15:16:23 GMT
server: cloudflare-nginx
etag: "5c76a9c7-12897"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 75927
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 42906.plj9mo.430.jpg
fermer.blog/media/res/4/2/9/0/6/ 64 KB
64 KB 29ms
27ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/4/2/9/0/6/42906.plj9mo.430.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 9059e7d0105db67bd3e96561b177a58461422dd06d25bebdbbf1805fa31f6c17

Request headers

:path: /media/res/4/2/9/0/6/42906.plj9mo.430.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Fri, 18 Jan 2019 15:42:03 GMT
server: cloudflare-nginx
etag: "5c41f3cb-fe21"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 65057
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 205121.quu7so.700x575.jpg
fermer.blog/media/res/2/0/5/1/2/1/ 90 KB
90 KB 29ms
28ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/2/1/205121.quu7so.700x575.jpg
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: b15e9d1dedd89275d00472ade8812ea2be5331a10b205cac3285a87e019e0a20

Request headers

:path: /media/res/2/0/5/1/2/1/205121.quu7so.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Thu, 17 Jun 2021 08:44:05 GMT
server: cloudflare-nginx
etag: "60cb0b55-166c5"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 91845
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 date_time.jsonp.js Show response
fermer.blog/js/ 3 KB
1 KB 18ms
18ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fermer.blog/js/date_time.jsonp.js?callback=date_time
Requested by: Host: fermer.blog
URL: https://fermer.blog/assets/ae2ad131/js/scroll.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: bf85e0163e0ba6f5491d12d76c457bf1ed4ab4bf303ee0a0109cf62560540164

Request headers

:path: /js/date_time.jsonp.js?callback=date_time
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 10:39:25 GMT
server: cloudflare-nginx
etag: W/"6074235d-c8e"
content-type: application/javascript
cache-control: max-age=259200 public must_revalidate
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9307.MBjWXqnSkNfoBb9PXghLhMp7lJ5AGQOgb_nf-5qEdzLOOaTR2bFt-5tDO78c9UEQ.uPYcWA7uO6fAD9y2_9nUdqR8uK4%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMy...

43 B
359 B

72ms
72ms

Image
image/gif

80.239.201.35
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMyM%2C

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.35 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-35.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9307.y7KMvnoYTfsACuTS39yGjiSwaWYdsnd1yszxGxfD_jGmz9uSzxT-Edbuz5o73I8I8gju-vP9nRkmVTE01piLLUyjs6xrFQD0p4FY1Y8kvKc%2C.WoX9lsbi-g0etZzY8t_CBVJnMyM%2C
date: Fri, 18 Jun 2021 04:24:08 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
272 B 162ms
61ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6f25a539b2e408b79d5f3bc4b1132c0a8f921151e591638c3b1b2d8bea84ca64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://fermer.blog
date: Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
921 B 238ms
76ms XHR
application/json 23.111.200.118
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fermer.blog
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
238 B 70ms
22ms XHR
text/plain 138.201.65.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fermer.blog
date: Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials: true
server: nginx/1.17.4
content-length: 11
content-type: text/plain; charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
315 B

58ms
57ms

XHR
application/json

193.232.148.152
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.152 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: hosting.adhigh.net
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://fermer.blog
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx
access-control-allow-origin: https://fermer.blog
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
205 B 91ms
29ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fermer.blog
date: Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
334 B 155ms
64ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 18 Jun 2021 04:24:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://fermer.blog
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
441 B 156ms
63ms XHR
application/json 135.181.113.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.113.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.113.181.135.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx/1.14.0 (Ubuntu)
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fermer.blog
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
expires: 0

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
921 B 236ms
76ms XHR
application/json 23.111.200.118
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fermer.blog
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
237 B 73ms
27ms XHR
text/plain 138.201.65.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fermer.blog
date: Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials: true
server: nginx/1.17.4
content-length: 11
content-type: text/plain; charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
315 B

58ms
58ms

XHR
application/json

193.232.148.152
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: fermer.blog
URL: https://fermer.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.152 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: hosting.adhigh.net
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://fermer.blog
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx
access-control-allow-origin: https://fermer.blog
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
205 B 89ms
30ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fermer.blog
date: Fri, 18 Jun 2021 04:24:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
334 B 154ms
64ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 18 Jun 2021 04:24:08 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://fermer.blog
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
442 B 154ms
62ms XHR
application/json 135.181.113.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.113.13 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.113.181.135.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
server: nginx/1.14.0 (Ubuntu)
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fermer.blog
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
expires: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
257 B 26ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fermer.blog&callback=_gfp_s_&client=ca-pub-4894759983606832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=fermer.blog&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2747dedd021734ef3bb348d81814f853d4ffadeb55c007a4efbefd3cedd1f057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffermer.blog%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fermer.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fermer.blog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 619F 603 B
67 B 32ms
31ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1623990248&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffermer.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623990248135&bpp=4&bdt=509&idt=226&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4694270273135&frm=20&pv=2&ga_vid=391944489.1623990248&ga_sid=1623990248&ga_hid=1593283379&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744439%2C31061218&oid=3&pvsid=2603753061062433&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1623990248&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffermer.blog%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623990248135&bpp=4&bdt=509&idt=226&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4694270273135&frm=20&pv=2&ga_vid=391944489.1623990248&ga_sid=1623990248&ga_hid=1593283379&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744439%2C31061218&oid=3&pvsid=2603753061062433&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=246
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fermer.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fermer.blog/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jun 2021 04:24:08 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 04:39:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Fri, 18 Jun 2021 04:24:08 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-4894759983606832&c=19&e=2570847921467975139&n=0&t=0&w=813&x=5

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 67nu.json Show response
adagropro.bid/ 48 B
226 B 165ms
45ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adagropro.bid/67nu.json?stat=%5B%7B%22t%22%3A%22start%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A395%7D%5D&url=&v=2.2.3-767d805&r=8vvletbmyg&referrer=
Requested by: Host: adagropro.bid
URL: https://adagropro.bid/67nu.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: 343f53581da223d0b17b2768ddeb95650292e130ba858f06974b5fa4bb7f6681

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
server: cloudflare-nginx
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1593283379&t=pageview&_s=1&dl=https%3A%2F%2Ffermer.blog%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B5%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%7C%20Fermer.blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=275108081&gjid=2010580690&cid=391944489.1623990248&tid=UA-2296780-10&_gid=104431569.1623990248&_r=1&gtm=2ou6g0&z=15581331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fermer.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2296780-10&cid=391944489.1623990248&jid=275108081&gjid=2010580690&_gid=104431569.1623990248&_u=YAhAAUAAAAAAAC~&z=1880433198

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 04:24:08 GMT
content-type: text/plain
access-control-allow-origin: https://fermer.blog
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 15ms
15ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=fermer.blog&host=fermer.blog&success=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2296780-10&cid=391944489.1623990248&jid=275108081&_u=YAhAAUAAAAAAAC~&z=1119795082

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2296780-10&cid=391944489.1623990248&jid=275108081&_u=YAhAAUAAAAAAAC~&z=1119795082

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 67nu.json Show response
adagropro.bid/ 48 B
225 B 46ms
46ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adagropro.bid/67nu.json?stat=%5B%7B%22t%22%3A%22loaded%22%2C%22extra%22%3A%7B%7D%2C%22ts%22%3A1157%7D%5D&url=https%3A%2F%2Ffermer.blog%2F&v=2.2.3-767d805&r=8vvletbmyg&referrer=http%3A%2F%2Fno.domain%2F
Requested by: Host: adagropro.bid
URL: https://adagropro.bid/67nu.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: frodo.min.org.ua
Software: cloudflare-nginx /
Resource Hash: c4228739949677944fab2a8736d6e7d7eba90673a18f091d27e6901855419f02

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
server: cloudflare-nginx
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
25ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fa967418c5b9209d9c8e5ebd5e07d54034ac9e01579d77dffb5833d3c03e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8387
x-xss-protection: 0

GET
H2 200 49991848 Show response
mc.yandex.ru/watch/ 238 B
273 B 46ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49991848?wmode=7&page-url=https%3A%2F%2Ffermer.blog%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2snnxl8kbbxml%3Afp%3A818%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A982324758208%3Ahid%3A113080900%3Az%3A120%3Ai%3A20210618062408%3Aet%3A1623990248%3Ac%3A1%3Arn%3A964802227%3Au%3A1623990248466573642%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623990247237%3Ads%3A0%2C37%2C303%2C5%2C45%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C37%2C304%2C4%2C44%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623990249%3At%3A%D0%A1%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B5%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%7C%20Fermer.blog

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5521308e79373d3f056261ba0bcc37ffac51c0cf0d81d98f1a631820358b7af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Jun-2021 04:24:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fermer.blog
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 238
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 04:24:08 GMT

GET
H2 200 205105.quoup0.700x575.jpg
fermer.blog/media/res/2/0/5/1/0/5/ 50 KB
50 KB 20ms
18ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/0/5/205105.quoup0.700x575.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 3624c823cee591910a981d13ab59ad210f4f3bb297ab400fb727d77a38f49971

Request headers

:path: /media/res/2/0/5/1/0/5/205105.quoup0.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Mon, 14 Jun 2021 11:17:43 GMT
server: cloudflare-nginx
etag: "60c73ad7-c64a"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 50762
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 205100.quj6cc.700x575.jpg
fermer.blog/media/res/2/0/5/1/0/0/ 59 KB
59 KB 20ms
19ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/0/0/205100.quj6cc.700x575.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: b5de2562c24841d2187c9b9c6453d8362291490e92535843bf2de531b98d5958

Request headers

:path: /media/res/2/0/5/1/0/0/205100.quj6cc.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Sun, 13 Jun 2021 06:10:29 GMT
server: cloudflare-nginx
etag: "60c5a155-eb03"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 60163
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 205123.quu810.700x575.jpg
fermer.blog/media/res/2/0/5/1/2/3/ 79 KB
79 KB 21ms
20ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/1/2/3/205123.quu810.700x575.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 7bb2fd1c2626dca108974c45f1ae5135b6ce3352045dcf194883e533b51ba4bd

Request headers

:path: /media/res/2/0/5/1/2/3/205123.quu810.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
last-modified: Thu, 17 Jun 2021 08:44:05 GMT
server: cloudflare-nginx
etag: "60cb0b55-13bc1"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 80833
expires: Mon, 21 Jun 2021 04:24:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 18 Jun 2021 04:24:08 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame C870 12 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fermer.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fermer.blog/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 17 Jun 2021 23:05:43 GMT
expires: Fri, 17 Jun 2022 23:05:43 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0688 783 B
531 B 25ms
24ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df898e8c5b92596ba625e32ab97892cef1b63d2c975ede8a3b032b5d140dce05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YoqWqgacbY7Qq9BruBn+xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fermer.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fermer.blog/

Response headers

expires: Fri, 18 Jun 2021 04:24:08 GMT
date: Fri, 18 Jun 2021 04:24:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YoqWqgacbY7Qq9BruBn+xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame C870 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 19:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 19:51:42 GMT

GET
H2 200 youtube-video-id-ajax Show response
fermer.blog/site/ 41 B
331 B 41ms
40ms XHR
text/html 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://fermer.blog/site/youtube-video-id-ajax

Requested by

Host: fermer.blog
URL: https://fermer.blog/assets/5902b29c/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

cloudflare-nginx /

Resource Hash

bc80fda15b4d5faf768f2b1e35a63d7324d87d087c03f0fba57369d329a068ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
:path: /site/youtube-video-id-ajax
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://fermer.blog/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
content-encoding: br
server: cloudflare-nginx
x-frame-options: deny
content-type: text/html; charset=UTF-8
set-cookie: L=ru; expires=Sat, 18-Jun-2022 04:24:08 GMT; Max-Age=31536000; path=/
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=2603753061062433&bg=!4eKl4qbNAAZktE7iZLQ7ACkAdvg8WgXgrhlQ2gaMKgwbcNdGH0x6-wub-D2pUUwBbUZ6FeJ7Smc7CwIAAABfUgAAAApoAQeZAoFTyvvxyrCAuaeBTy5jh784fXDrnVKVusJXisWQ80ETCWidDJmnE4CPEj_Y0MXbXWtF7CasXhwzd6FeNqCvFy7GRQHjrq09Up-F4JkX9vEGy2K0qQKGWQapiyieTRV391uoVDX6_KExRqQrhRqQtATClpBZQsPbIxI_q2onrvzahi7-G6aaDgNpZRRRaRrG4IflpRzlvvbruUikR-kxIJId8DaEEmcSPiPk99T3m3pbPIrq7CtyhgkGazkJ53q5-RPW5EA2oxP8Hdh0OxZnRLFV1i4fTOTzxoYK8n9DDGedxi29N84sZn3o5vlPNkRTnz9mbOoJk6h6lkdLP3zDZLqdh5VVBaGQwfwN4m8N0qAVb0Jaotn6RSO63uljpJAVGOFzCFQLyVDTiKXlLO8XRT4i3GfHMrgAclwvHC41fLyanaNoPED45eFvQCtE7Amk10hLoEJm08pLnD-ByHYfnOjHZyAabCBp8ZBJnxxDqq_I8VtwOA5G0B7D7yy3uEPZ5EiqygRnEzeZF6vBoq6f5oqxNR93oT_rAzn1VWj3HbyOgzwMZJScXr5KqbYPC5Q6-mbTER5qKXY5Qz8mVaUJHZDXHbyfTmp2hw2ZHAHeAxwZpk_CWVJY2SmHPfjvB7j7BQW85KiA68buE0gCT6CtD2mvKsQkGmDermp8ipNYoClYcLepYlwkZz76Q_f4jjw4p3xUTBBX71-dmSKadg9Ff8JjQv2Sc6SNx667C-i3V_A-aywcHEc_9b-a6Cxvq09-rsFEOYjwBTt_YH32gHGYKg2rt8uoI0Q6wtIA8oXHjRg09IGYW8RaVHgV3xMNJ3wLq6s7CQR2ecOvQhu4NGNHCVyirA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 04:24:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 205096.quj4co.700x575.jpg
fermer.blog/media/res/2/0/5/0/9/6/ 55 KB
55 KB 19ms
18ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/0/9/6/205096.quj4co.700x575.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 9c9ead4e85b18fa4ce5582d02dbd90b0dba5bea0e42741997c00c769e50447a9

Request headers

:path: /media/res/2/0/5/0/9/6/205096.quj4co.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:09 GMT
last-modified: Sat, 12 Jun 2021 06:06:35 GMT
server: cloudflare-nginx
etag: "60c44eeb-dc4f"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 56399
expires: Mon, 21 Jun 2021 04:24:09 GMT

GET
H2 200 205093.quj2lc.700x575.jpg
fermer.blog/media/res/2/0/5/0/9/3/ 121 KB
122 KB 26ms
26ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fermer.blog/media/res/2/0/5/0/9/3/205093.quj2lc.700x575.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: cloudflare-nginx /
Resource Hash: 2e5ecdbb8c4586e846b25b40b2ca83b540e1eddd989b93c19f88127dfa49eaa0

Request headers

:path: /media/res/2/0/5/0/9/3/205093.quj2lc.700x575.jpg
pragma: no-cache
cookie: PHPSESSID=rnekrai40ila1a5fre7fl6mujk; L=ru; obUserOrder=%7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D; counter_value=1623990248.111; _ym_uid=1623990248466573642; _ym_d=1623990248; _ym_isad=2; _ga=GA1.2.391944489.1623990248; _gid=GA1.2.104431569.1623990248; _gat_gtag_UA_2296780_10=1; __gads=ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fermer.blog
referer: https://fermer.blog/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://fermer.blog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 04:24:09 GMT
last-modified: Fri, 11 Jun 2021 08:21:09 GMT
server: cloudflare-nginx
etag: "60c31cf5-1e5fd"
content-type: image/jpeg
cache-control: max-age=259200 public must_revalidate
accept-ranges: bytes
content-length: 124413
expires: Mon, 21 Jun 2021 04:24:09 GMT

GET
H2

200

/
best.aliexpress.ru/ Frame E2A1
Redirect Chain

https://s.click.aliexpress.com/e/_eKxu1T
https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T%26aff_fsk%3D_eKxu1T%26aff_p...
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=a5b7986305f54241bd6239a15fd6e0b8&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Faff_fcid%3D8485be6416914aae8e82e05b6ebe44e1-16239...
https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1...

0
0

104ms
103ms

Document
text/html

62.128.97.8
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8

Requested by

Host: fermer.blog
URL: https://fermer.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

62.128.97.8 Moscow, Russian Federation, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: best.aliexpress.ru
:scheme: https
:path: /?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fermer.blog/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xman_us_f=x_l=0&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; xman_f=iEl04/ga53Qc5bmjYyD8uoUHeUKG4IcSWAOeV+6/mB14IxJi68K7TJt6we8ti3zCeY+IVeSK7NKW0uSmN5/ua8ta/RTqrjBNP/zjwnLotxe83mx9urSGlQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fermer.blog/

Response headers

date: Fri, 18 Jun 2021 04:24:11 GMT
content-type: text/html;charset=UTF-8
set-cookie: ali_apache_id=11.139.3.99.1623990251766.235514.0; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_locale=ru_RU&x_l=0&x_c_chg=1&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=156w57iezewp&acs_rt=6510504ed3894770b399c76b2009dcae; Domain=.aliexpress.ru; Path=/; Secure; SameSite=None intl_locale=ru_RU; Domain=.aliexpress.ru; Path=/ aep_usuc_f=site=rus&c_tp=RON&region=RO&b_locale=ru_RU; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None xman_t=GxFKysj+zv7+XD4w5Inf+13n4pxEicHo9eFxRrwXpyWyhqFuQwUN3oqZMtj07BXU; Domain=.aliexpress.ru; Expires=Thu, 16-Sep-2021 04:24:11 GMT; Path=/; Secure; SameSite=None; HttpOnly intl_common_forever=ejxU+fX9ptG6tvxkDx/d9DF7BQjH49yNHl41yRjnmgflL4INKu3Uxw==; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; HttpOnly JSESSIONID=CB88E6D2B5F6E1F14DE692FB090CE425; Path=/; HttpOnly
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-ru-ug-traffic-affiliateweb-f:prod,ru:7001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-language: ru-RU
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0b8b036316239902517647738e9a38
timing-allow-origin: *

Redirect headers

content-type: text/html;charset=UTF-8
content-length: 0
p3p: CP="CAO PSA OUR"
location: https://best.aliexpress.ru/?aff_fcid=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&aff_fsk=_eKxu1T&aff_platform=portals-tool&sk=_eKxu1T&aff_trace_key=8485be6416914aae8e82e05b6ebe44e1-1623990250168-06376-_eKxu1T&terminal_id=a5b7986305f54241bd6239a15fd6e0b8
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 0ab6d67916239902512786603e412b
strict-transport-security: max-age=31536000
timing-allow-origin: *
date: Fri, 18 Jun 2021 04:24:11 GMT
set-cookie: ali_apache_id=10.182.214.121.1623990251561.436171.8; path=/; domain=.aliexpress.com; expires=Wed, 30-Nov-2084 01:01:01 GMT xman_us_f=x_l=0&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None xman_f=3gWkuTHCRH7Xafoh/ITVnEh9QeNPIUpo43P0L3+dS7kIMTvHWay8CjYFG0WqSJXeFZG0r5FW4iVHcGzOWzqY6pvYWjdbRD/xDzRXUbwdAz04OBiu/Cg6ew==; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None; HttpOnly ali_apache_track=; Domain=.alibaba.com; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/ ali_apache_tracktmp=; Domain=.alibaba.com; Path=/ xman_us_f=x_l=0&acs_rt=a5b7986305f54241bd6239a15fd6e0b8; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None xman_f=iEl04/ga53Qc5bmjYyD8uoUHeUKG4IcSWAOeV+6/mB14IxJi68K7TJt6we8ti3zCeY+IVeSK7NKW0uSmN5/ua8ta/RTqrjBNP/zjwnLotxe83mx9urSGlQ==; Domain=.aliexpress.ru; Expires=Wed, 06-Jul-2089 07:38:18 GMT; Path=/; Secure; SameSite=None; HttpOnly e_id=pt60; Expires=Mon, 16 Jun 2031 04:24:11 GMT; Path=/; Domain=.aliexpress.ru

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fermer.blog/	1970-01-20 04:28:06	Name: __gads Value: ID=f78622eebd303d62-2225646e08c90022:T=1623990248:RT=1623990248:S=ALNI_MaV8Z7_OZK1GuGxLJzQJ-dqWNxZ6A
.fermer.blog/	1970-01-20 03:52:06	Name: _ym_d Value: 1623990248
.fermer.blog/	1970-01-19 19:06:30	Name: _gat_gtag_UA_2296780_10 Value: 1
.fermer.blog/	1970-01-19 19:07:56	Name: _gid Value: GA1.2.104431569.1623990248
.fermer.blog/	1970-01-20 12:37:42	Name: _ga Value: GA1.2.391944489.1623990248
.fermer.blog/	1970-01-19 19:07:42	Name: _ym_isad Value: 2
.fermer.blog/	1970-01-20 03:52:06	Name: _ym_uid Value: 1623990248466573642
fermer.blog/	1969-12-31 23:59:59	Name: PHPSESSID Value: rnekrai40ila1a5fre7fl6mujk
.doubleclick.net/	1970-01-19 19:06:31	Name: test_cookie Value: CheckForPermission
fermer.blog/	1970-01-19 19:07:56	Name: counter_value Value: 1623990248.111
fermer.blog/	1970-01-20 03:52:06	Name: L Value: ru
fermer.blog/	1970-01-19 19:49:42	Name: obUserOrder Value: %7B%22userId%22%3Anull%2C%22guestId%22%3A%2260cc1fe7935b31.16936241%22%2C%22orderId%22%3Anull%2C%22timeUpdate%22%3Anull%2C%22items%22%3A%5B%5D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
adagropro.bid
adfox-c2s-ams.creativecdn.com
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.de
an.yandex.ru
best.aliexpress.ru
cdn.jsdelivr.net
duper8flash.com
fermer.blog
googleads.g.doubleclick.net
login.aliexpress.com
login.aliexpress.ru
m.mixadvert.com
matchid.adfox.yandex.ru
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
rbone.link
s.click.aliexpress.com
ssp.bidvol.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
yastatic.net
yhb.p.otm-r.com
135.181.113.13
138.201.65.68
142.250.185.66
147.135.189.55
184.25.114.68
184.25.115.167
185.184.8.65
193.232.148.152
23.111.200.118
2606:4700:3035::ac43:ba8f
2606:4700::6810:5714
2a00:1148:db00::17
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:400c:c08::9d
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
54.38.155.61
62.128.97.8
80.239.201.35
88.99.234.26
95.216.65.102
00d3218f520e042cfd3ae56059fe80bb508ed9a53c5efa2bee30bcc86e102ebb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02d7d530148f909cbcd564d11e51e525a5483c2bb96c0824ead3cad80da4fcde
0692210a571f4e87860d81e09e098a26f8818432a160b55bee01c82725cfa924
0a6083e0a6436372f3566176aac564fbbc032047d2ef217e8b82e70cb535eaed
0b05d38da00b982ff4bce48603f9086260d2fb7fe4beb6a575ac731acded8cc7
0e4356259cf7e321f995591532d4d1efca9eff6fe9e96e8fe9756aff0e53d377
0f0f0252af40031c16b425f1dc533b4d92631f4f8844151f7d3beb4adc5f78bf
14072c410ec89a243791f8ba77fe8e561892019b3c3d1fece1c040899ce601bf
158cc86064be37e4a3439dbe47d6aff68a473b7cad0c78e6ffaaf31fdc2fc32e
15c54892706255193928b41e2016fd55076d15132ac1f7d7c99f83f2ad2042ba
1927b6750875c9a99ec192519d682e9c54721d9333a661f3b05b8380d0533914
1de19e37d9ee4fab330156570bfa944767f181f5253945790961f2a0a17df53d
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22e075aeb3b00f19cf6e8aacd991bed21a95ed40ade9e109d93efeb2f1f2fc4d
2747dedd021734ef3bb348d81814f853d4ffadeb55c007a4efbefd3cedd1f057
289ef5fff74b67f8ef5b9f2ed202802678ae3b0d5be43776da56885e29b85acd
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e5ecdbb8c4586e846b25b40b2ca83b540e1eddd989b93c19f88127dfa49eaa0
2ffeaaeada2a16cdbf324b8e14de95944fa3f4bdeaf266400ec6d4f556c4f176
311acc0092839f7e1076f02f61360421eda5d305b0c9f2195804b62570822331
343f53581da223d0b17b2768ddeb95650292e130ba858f06974b5fa4bb7f6681
3624c823cee591910a981d13ab59ad210f4f3bb297ab400fb727d77a38f49971
378d65e3c899cd5bf984d9619597cbbcbc8494b8c3e5e0b46a0fd33dbb5af1d0
3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad
427f3a21ecdc1d620d62cfeaae30cdbd2a1b835aa335f06f5d25d8bc316cfba0
463e82928f67dc09955d633150e436bf026ab6df99c21f25c4552cecf68176a2
4672c078b98596a4fda744f12751d6edee5bcce073aa8b491ca84aaa53d6be8a
49b19211c626af3808cf9a7f2d51dded526414a5f5fe2181633cd7dbe4f070ff
4bb5d4b6b42315f8067cd09f49094deb8bfaa77c39ede7a1e4159874971659bc
506e2c3e4d35de9588db5c7198788e3cbb1e856270e548f1a72d0399c14c3bb8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5521308e79373d3f056261ba0bcc37ffac51c0cf0d81d98f1a631820358b7af0
5893454222dc0ac541735d7981aa1fedba66e9f46f7efc353099108a31a34606
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
6c4fa9f9471c182ce49e6f0b84d401f6daf7c02a64e506d73df26388a934f94a
6f25a539b2e408b79d5f3bc4b1132c0a8f921151e591638c3b1b2d8bea84ca64
736a55b0f0740265e09dd6655bf0d46a6729726e573c9d9a3bd0830e58c82a08
795790310dd3d1a10b0da4004302ede969b80a940edbd5ca98c514274e783cfe
7a5ec0f396843996f148f0c33c7678c2481db790d45a977521fcd2b8ec926dfa
7bb2fd1c2626dca108974c45f1ae5135b6ce3352045dcf194883e533b51ba4bd
83fbe5736b4e922e710f59f517ace260c1b5b7556778942d9b4d153d4d3d0060
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84a0ac1af28601c44dcdf95a9fcf1e100c5afe04506b122cb15e289638481061
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8564386cca4369e084929dfb0620636d20edf437bbfdc81575c6fd54ef52c28d
8ce7979da54407fc39e698dd0221135b4781952b6c525e94892f063416d725f3
8e913dfadd09d7ae8579a7a67a2c198c76ba617611ec87353702d47deac58a40
9059e7d0105db67bd3e96561b177a58461422dd06d25bebdbbf1805fa31f6c17
997f37ce8fdf9379eb57001260dc5f1f77b90421f655070a14509c5cf7ceea3c
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9a372c442ebea763b361e5162586c34ba85e3256cbba806a96681d3b221cc3d3
9c9ead4e85b18fa4ce5582d02dbd90b0dba5bea0e42741997c00c769e50447a9
a3483cab20283886050244fd10ef25b130face8457f2c0e68471daf71c53ae88
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a86d297bdcc1a745dc5d2269ac19be309930d0ba1782017dc5d10d9069697441
ac2f1074e0f95af484fa25ac94cd041e43e3ca2b52be7b856c9e82112790b641
b15e9d1dedd89275d00472ade8812ea2be5331a10b205cac3285a87e019e0a20
b19161b3bab59d5ef83007594ae056ecb4812458dccb41da9bc9bcfa2a5e3259
b39292561e944b75c7a3328b05d8b56d7739ae1f59b9eb5d104dabe490ddb68b
b5de2562c24841d2187c9b9c6453d8362291490e92535843bf2de531b98d5958
b7a21d702ec257ff7a089f80819d4041225470583e48381b08d730012100e4a5
bb1c48b1682bb5e9020bf9bf3901c86bd42d3195b6226cefd36506f28048e18e
bbc69adf79c29b029358be3e0a0458597df4ea33ebe4f097355ad26d9a9ee350
bc80fda15b4d5faf768f2b1e35a63d7324d87d087c03f0fba57369d329a068ce
bf85e0163e0ba6f5491d12d76c457bf1ed4ab4bf303ee0a0109cf62560540164
c4228739949677944fab2a8736d6e7d7eba90673a18f091d27e6901855419f02
c7fa967418c5b9209d9c8e5ebd5e07d54034ac9e01579d77dffb5833d3c03e7b
cbaac130e8e1894a7bf0d1ef045e33ed5e42802fc6eeb798b70c9aa41ff1a994
d429e892190bf733e7114622a740ffb682b653ebad20b57120dd9c3200d5f14b
d8ff1c4ec7dcf5d1073299e7e03d72a416b99bef68b10d98d058c6637aa4527c
dc5c723556281b2c8451c69c53e207e878d86df390e548bd8447660ef5f0266b
dda77fa1a85122150321a05dec16d560aeba1a36c458be53ae63641184533489
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df898e8c5b92596ba625e32ab97892cef1b63d2c975ede8a3b032b5d140dce05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ec1cc44338355879c2c26b3d8fac9bbae4c4522365cb36476a3b4677aa3dfaad
ed1986f28a8dd0a54419e161cbc44193a19512f5127b0938fb7860f762310981
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f461975e496ead61e69b457728886d368507ed4f929888086ff692298658e657
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f912d1c5f1dd5fe68b179605f04f548c0aef4ec5cf4a4774ef29356edc86aec1
fddc754aa71f746b777a9e5e90581316fa6f615b3e9eafc7ba0ac8fb5d5fccea
fe9cef577cc33db6ded51ef00be25fcc4de06b38114e67fbe0e9008e152d1618

fermer.blog Open in urlscan Pro 54.38.155.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

58 %IPv6

26 Domains

34 Subdomains

31 IPs

8 Countries

2279 kBTransfer

5891 kBSize

12 Cookies

9 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fermer.blog Open in urlscan Pro
54.38.155.61 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

58 %
IPv6

26
Domains

34
Subdomains

31
IPs

8
Countries

2279 kB
Transfer

5891 kB
Size

12
Cookies

110 HTTP transactions
0 data transactions