hi.ru Open in urlscan Pro
2a00:15f8:a000:5:1:12:5:3f30 Public Scan

URL:
https://hi.ru/?md81
Submission: On June 13 via manual (June 13th 2021, 9:19:25 am UTC) from PH

Summary HTTP 343 Redirects Links 80 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 35 domains to perform 343 HTTP transactions. The main IP is 2a00:15f8:a000:5:1:12:5:3f30, located in Russian Federation and belongs to MASTERHOST-AS Moscow, Russia, RU. The main domain is hi.ru.
TLS certificate: Issued by R3 on April 29th 2021. Valid for: 3 months.

This is the only time hi.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2a00:15f8:a00... 2a00:15f8:a000:5:1:12:5:3f30	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:15f8:a00... 2a00:15f8:a000:5:1:11:7:1fd5	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
12	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	198.24.170.52 198.24.170.52	19437 (SS-ASH) (SS-ASH)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1 3	99.86.241.40 99.86.241.40	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 27	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
52	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	52.41.116.81 52.41.116.81	16509 (AMAZON-02) (AMAZON-02)
32	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6 6	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
6 6	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:558f:678c:b3d9:283d	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2 2	18.194.113.221 18.194.113.221	16509 (AMAZON-02) (AMAZON-02)
2 2	79.137.68.187 79.137.68.187	16276 (OVH) (OVH)
2 2	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6e::9	15169 (GOOGLE) (GOOGLE)
4	152.199.21.117 152.199.21.117	15133 (EDGECAST) (EDGECAST)
8	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
12	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
8	13.225.74.57 13.225.74.57	16509 (AMAZON-02) (AMAZON-02)
4	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
8	54.73.127.151 54.73.127.151	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
343	43

25 2a00:15f8:a000:5:1:12:5:3f30 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

hi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:15f8:a000:5:1:11:7:1fd5 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

photoshosting.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.24.170.52 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.241.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-40.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.116.81 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.253.211 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.78 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:558f:678c:b3d9:283d (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.113.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.68.187 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.199.35 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6e::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednsd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.199.21.117 (United States)

ASN15133 (EDGECAST, US)

ssl.cdne.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.74.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-57.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.73.127.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	120 KB
52	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	2 MB
43	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	536 KB
32	photoshosting.ru photoshosting.ru	496 KB
30	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com	511 KB
25	hi.ru hi.ru tv.hi.ru Failed	311 KB
16	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	420 KB
16	webgains.com track.webgains.com diapi.webgains.com	394 KB
12	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	16 KB
8	m-t.io w-it.m-t.io	862 B
8	awin1.com www.awin1.com	5 KB
8	googletagservices.com www.googletagservices.com	288 KB
7	google.com adservice.google.com www.google.com	1 KB
6	pubmatic.com 6 redirects image6.pubmatic.com	3 KB
6	openx.net 6 redirects rtb.openx.net	2 KB
6	cpmstar.com server.cpmstar.com ssl.cdne.cpmstar.com	40 KB
5	rubiconproject.com 5 redirects pixel.rubiconproject.com	2 KB
5	quantserve.com 4 redirects cms.quantserve.com	2 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	mookie1.com odr.mookie1.com	998 B
2	everesttech.net 2 redirects pixel.everesttech.net	751 B
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	501 B
2	agkn.com 2 redirects d.agkn.com	1 KB
2	innovid.com 1 redirects ag.innovid.com	686 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	google.de adservice.google.de	975 B
2	tns-counter.ru 1 redirects www.tns-counter.ru	700 B
2	yandex.ru 1 redirects mc.yandex.ru	46 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
1	googlevideo.com r4---sn-4g5ednsd.googlevideo.com	580 KB
1	googleadservices.com partner.googleadservices.com	652 B
1	criteo.com gum.criteo.com	2 KB
1	criteo.net static.criteo.net	38 KB
343	35

	Domain	Requested by
32	cm.g.doubleclick.net	hi.ru googleads.g.doubleclick.net
32	photoshosting.ru	hi.ru
27	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
25	hi.ru	hi.ru
24	assets.ad4m.at	as.ad4m.at
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
20	ad4m.at	googleads.g.doubleclick.net ad4m.at
16	pagead2.googlesyndication.com	hi.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	track.webgains.com	as.ad4m.at analytics.webgains.io track.webgains.com
12	fonts.gstatic.com	fonts.googleapis.com
8	w-it.m-t.io	analytics-wg.webgains.io
8	api.webgains.io	analytics.webgains.io
8	www.awin1.com	as.ad4m.at
8	as.ad4m.at	ad4m.at as.ad4m.at
8	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	image6.pubmatic.com	6 redirects
6	rtb.openx.net	6 redirects
5	csi.gstatic.com	www.gstatic.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	pixel.rubiconproject.com	5 redirects
5	cms.quantserve.com	4 redirects googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects hi.ru
4	analytics-wg.webgains.io	analytics.webgains.io
4	diapi.webgains.com	track.webgains.com
4	analytics.webgains.io	track.webgains.com
4	ssl.cdne.cpmstar.com	hi.ru
4	ad4mat.net	ad4m.at
4	static-de.ad4mat.net	ad4m.at
4	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
4	fonts.googleapis.com	hi.ru googleads.g.doubleclick.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects hi.ru
2	odr.mookie1.com	googleads.g.doubleclick.net
2	pixel.everesttech.net	2 redirects
2	googlecm.hit.gemius.pl	2 redirects
2	d.agkn.com	2 redirects
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.tns-counter.ru	1 redirects hi.ru
2	mc.yandex.ru	1 redirects hi.ru
2	server.cpmstar.com	hi.ru server.cpmstar.com
2	counter.yadro.ru	1 redirects hi.ru
1	r4---sn-4g5ednsd.googlevideo.com	www.gstatic.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	gum.criteo.com	static.criteo.net
1	static.criteo.net	hi.ru
0	tv.hi.ru Failed	hi.ru
343	53

This site contains links to these domains. Also see Links.

Domain
search.hi.ru
mail.hi.ru
news.hi.ru
finance.hi.ru
pogoda.hi.ru
tv.hi.ru
otvet.hi.ru
games.hi.ru
online.hi.ru
soft.hi.ru
translate.hi.ru
maps.hi.ru
id.hi.ru
server.cpmstar.com
corp.hi.ru
vk.com
www.facebook.com
ok.ru
twitter.com

Subject Issuer	Validity	Valid
*.hi.ru R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
photoshosting.ru R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-06-01` - `2021-08-10`	2 months	crt.sh
ssl.cdne.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2021-02-24` - `2022-03-28`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-06-07` - `2021-09-05`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://hi.ru/?md81
Frame ID: 66F7FB38C611861A67B624A529AF9461
Requests: 91 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hi.ru
Frame ID: 11E2EB440E92F4C18F8F39CF7446B009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html
Frame ID: F931C2C034FFE4E3210F1074BE7FC1A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1623575944&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944725&bpp=5&bdt=373&idt=76&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8780533843875&frm=20&pv=2&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95
Frame ID: 0BADB3A610D3D477219CE192418F60DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1623575944&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944730&bpp=3&bdt=379&idt=100&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y14Oz7CNIm&p=https%3A//hi.ru&dtd=106
Frame ID: C19A0F800B0DFF825FF0609E7784B436
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1623575944&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944733&bpp=1&bdt=381&idt=112&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U3KegbfLft&p=https%3A//hi.ru&dtd=115
Frame ID: CAE9D5E6B0EA410326DF0566BE8BB9E7
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
Frame ID: 0A883CF77F32AF027E9D52E6ECB37F47
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177
Frame ID: 215E3495FA201EE2253D75EE3B802402
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219
Frame ID: D772C904A14B7FB0734787F929B50D65
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254
Frame ID: 61A95337B2BA30CDCC31597964A5D8DD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262
Frame ID: 55F4B2CE58AF12E04A2928AD0D9467EA
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
Frame ID: 77B43CF413EC6D69A6518EEC5415FA68
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15B901F516F5B866EAD329FCC7660102
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
Frame ID: 78797A446E1278D5CAE078D54334CD87
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05023CD181A98227A7C3E1CDDB9D225E
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
Frame ID: 91FC439F041561EE52E99FA8C46C1EBD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D21484BE1C3F8F7E17ABAE7A928F9D4
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2A3FB74E810EEC95038E84E256A6420A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
Frame ID: B96CD1231C00A98759E9B7919DE62F48
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B7F3F9F9D42E03966D7E962001A3491F
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8B4B68EBD8DF48EF9F797CACF6AB99F4
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2B97C28B9546FA89C378509669CFA13A
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 5BC31BCF85187E5E3D253B15EDECEFD3
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 884F138E0F49EA62AA2137A4D14F15EF
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7545954D519B9CA6C76A7E17A43A3A69
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 4805FF40ABDA36CC410D0E96A7B8EDD7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: F26DC6B689CE52C5E62605B402D4A484
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 4D526F155559AA8F9367BFAA380440B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B764563FB3742CB8ECEF52079C0B0B2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: 613F6A7EE6CC13D93C0F8716EB1A638B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: 22CD75B792FC6432DBB193517DEE7C17
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: F9CA833E9D92A1E59B1C93D64A1258D1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C13B6F4FFA352048382010C021C9E89
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Frame ID: EB1C67DF6AFD5F3B5543EDE2B8A8E6D6
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Frame ID: 742FBA60D06411BF5B1CFF1C468D7F31
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Frame ID: D406317AB68ECCF78B620A5D7D7F4B43
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Frame ID: 3699DF2FDFFEDDCBC6BF6AA26F3E7664
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

343
Requests

99 %
HTTPS

61 %
IPv6

35
Domains

53
Subdomains

43
IPs

6
Countries

5351 kB
Transfer

7795 kB
Size

8
Cookies

80 Outgoing links

These are links going to different origins than the main page.

URL: http://search.hi.ru/
Title: Search

Search URL Search Domain Scan URL

URL: http://mail.hi.ru/
Title: Mail

Search URL Search Domain Scan URL

URL: https://news.hi.ru/
Title: News

Search URL Search Domain Scan URL

URL: http://finance.hi.ru/
Title: Finance

Search URL Search Domain Scan URL

URL: http://pogoda.hi.ru/
Title: Weather

Search URL Search Domain Scan URL

URL: http://tv.hi.ru/
Title: TV

Search URL Search Domain Scan URL

URL: http://otvet.hi.ru/
Title: Answers

Search URL Search Domain Scan URL

URL: http://games.hi.ru/
Title: Games

Search URL Search Domain Scan URL

URL: http://online.hi.ru/
Title: Movies

Search URL Search Domain Scan URL

URL: http://soft.hi.ru/
Title: Software

Search URL Search Domain Scan URL

URL: http://translate.hi.ru/
Title: Translator

Search URL Search Domain Scan URL

URL: http://maps.hi.ru/
Title: Maps

Search URL Search Domain Scan URL

URL: https://news.hi.ru/politics
Title: Политика

Search URL Search Domain Scan URL

URL: https://news.hi.ru/incidents
Title: События

Search URL Search Domain Scan URL

URL: https://news.hi.ru/economy
Title: Экономика

Search URL Search Domain Scan URL

URL: https://news.hi.ru/auto
Title: Авто

Search URL Search Domain Scan URL

URL: https://news.hi.ru/society
Title: Общество

Search URL Search Domain Scan URL

URL: https://news.hi.ru/sport
Title: Спорт

Search URL Search Domain Scan URL

URL: https://news.hi.ru/in-the-world
Title: В мире

Search URL Search Domain Scan URL

URL: https://news.hi.ru/culture
Title: Культура

Search URL Search Domain Scan URL

URL: https://news.hi.ru/science
Title: Наука

Search URL Search Domain Scan URL

URL: https://news.hi.ru/cosmos
Title: Космос

Search URL Search Domain Scan URL

URL: https://news.hi.ru/hi-tech
Title: Hi-Tech

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215069
Title: Гороскоп на понедельник, 14 июня: пришло время дарить подарки и устраивать перформансы

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215067
Title: Синоптики пообещали жару и дождь москвичам в воскресенье

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215068
Title: Всех «под ноль»: на юге Казахстана возродили турнир по стрижке овец

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215062
Title: Подземная красота: казахские ученые показали живописные ущелья в степях Мангыстау Сегодня, 6:51 Туристы со всего Казахстана отправляются в подземные ущелья на полуострове Мангышлак. Это одна из

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215063
Title: Земская медицина: как сельская поликлиника на Южном Урале привлекает специалистов? Сегодня, 6:44 Жителям села Чесма на Южном Урале больше не нужно ездить на медицинские обследования в Челябинск за 200 километров.

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215052
Title: Замглавы центра Гамалеи не исключил появления «московских» штаммов коронавируса 12.06.2021, 23:16 Замдиректора центра Гамалеи Денис Логунов рассказал президенту РФ Владимиру Путину, что могут появиться «московские»

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/215053
Title: Торжества в честь Дня России прошли в Минске 12.06.2021, 21:30 День России стал праздником не только для россиян, но и для многих жителей Беларуси. Торжества прошли в Минске. Что вошло в праздничную программу и какой была официальная часть, расскажет

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics
Title: Политика

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/215050
Title: Завоевать доверие: кандидаты в депутаты Армении выступают во дворах и на площадях 12.06.2021, 20:51 Первая неделя предвыборной агитационной кампании в Армении подходит к концу. Кандидаты разъезжают по стране, выступают во дворах и на площадях. Что предлагают партии и блоки, расскажет корреспондент «МИР 24» Анна

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/215051
Title: Президент Азербайджана принял верительные грамоты у послов ряда стран 12.06.2021, 18:42 Президент Азербайджана принял верительные грамоты у послов иностранных государств.В беседе с новоназначенным

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/215043
Title: К досрочным парламентским выборам в Армении напечатают рекордное число бюллетеней 12.06.2021, 17:18 Рекордное количество бюллетеней напечатают в Армении к досрочным парламентским выборам – 66 миллионов 925 тысяч. До дня

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/215009
Title: Путин назвал «ерундой» данные, что Россия собирается поставить Ирану спутниковые системы 12.06.2021, 12:14 Президент России Владимир Путин назвал «ерундой» данные о том, что Россия готовится продать Ирану спутниковые системы

Search URL Search Domain Scan URL

URL: http://news.hi.ru/economy
Title: Экономика

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world
Title: В мире

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world/215064
Title: Взрыв газа в Китае привел к гибели 11 человек, 37 находятся в критическом состоянии

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world/215055
Title: Бросивший муку в политика мужчина арестован во Франции

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world/215039
Title: При стрельбе в Чикаго один человек погиб, девять пострадали

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport
Title: Спорт

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/215065
Title: Паралимпиец из Бишкека выиграл грант и отремонтировал спортзал Сегодня, 6:57 Двукратный призер чемпионата Азии по пара-армрестлингу Канат Абдыжапаров из Бишкека отремонтировал тренажерный зал, в котором занимаются спортсмены с ограничениями по здоровью. Когда-то он и сам приходил сюда на

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/215056
Title: Футболисты сборной России крупно уступили команде Бельгии в матче Евро-2020 12.06.2021, 23:53 Футболисты сборной Бельгии обыграли команду России в матче чемпионата Европы. Встреча группы В прошла на стадионе

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/215057
Title: Бесплатный проезд на транспорте и оркестр: в Баку для болельщиков Евро создали комфортные 12.06.2021, 21:54 Сегодня Баку впервые принял матч чемпионата Европы по футболу. На этом турнире в столице Азербайджана пройдут еще три

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/215047
Title: Футболист сборной Дании Кристиан Эриксен потерял сознание во время матча 12.06.2021, 21:04 Сейчас весь футбольный мир молится за одну из главных звезд чемпионата Европы Кристиана Эриксена.Датский полузащитник

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto
Title: Авто

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144911
Title: Porsche привез в Россию новый Macan Turbo

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144924
Title: Ульяновский завод Bridgestone начал поставки зимних шин в Европу

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144885
Title: Самые возрастные владельцы автомобилей LADA ездят на внедорожнике 4x4

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144960
Title: Renault Arkana появился в российском каршеринге

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech
Title: Hi-tech

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148177
Title: Каждого пятого реактора российских вузов поймали на плагиате

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148174
Title: Redmi выпустит флагман на Snapdragon 855 Plus дешевле конкурентов

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148170
Title: Google запустила горячую линию для звонков роботу

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148176
Title: Американские военные констатировали, что НАТО слабее России

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148171
Title: Беспроводные наушники научили разблокировать смартфон и подтверждать платежи

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148175
Title: Найден способ продления срока службы Международной космической станции

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148172
Title: Huawei презентовала «умный» телевизор

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148173
Title: Huawei представила новые «умные» часы с двухнедельной продолжительностью работы

Search URL Search Domain Scan URL

URL: http://news.hi.ru/incidents
Title: События

Search URL Search Domain Scan URL

URL: https://id.hi.ru/reg
Title: Create account

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=463143&creativeid=1250931&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=446339&creativeid=1182522&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=465873&creativeid=1261929&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=467326&creativeid=1268291&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://pogoda.hi.ru/?city_id=524901
Title: Погода

Search URL Search Domain Scan URL

URL: http://maps.hi.ru/?l=524901
Title: Пробки

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/
Title: О проекте

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/adv
Title: Реклама

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/contact
Title: Контакты

Search URL Search Domain Scan URL

URL: https://vk.com/hi_ru_official

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hiruportal/

Search URL Search Domain Scan URL

URL: https://ok.ru/hi.ru.official

Search URL Search Domain Scan URL

URL: https://twitter.com/hi_ru_official

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/vk.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/fb.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/ok.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/google.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/mailru.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/twitter.php

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.5790534349931811 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.5790534349931811

Request Chain 67

https://www.tns-counter.ru/V13a***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/543872641 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/543872641

Request Chain 73

https://sb.scorecardresearch.com/b?c1=2&c2=20651854&ns__t=1623575944791&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1623575944791&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=

Request Chain 83

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9303.xYgcwZFusy7A6Js1xzV6ZvDcAApZbGxxB6iQ4HZW69iw-ma8Ngsh6vJw_BEt81hs.-wjw-UyVmvt8IZILEEt6qByUIe4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9303.r6QxZ6UoC0BdEjiVjKRiVAUpmuihjvc8LfF-hyIpKVeQWvl5wihQGQpl40_dIGN0OL30oVH5eYozWUy107LmUA%2C%2C.tMNA3bZzSeSo_5M75fHxy9nmeIw%2C

Request Chain 98

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLYYelwReLli1xxWZCF3VZGxqwyVTJwv_kHfUp4YIDaNWnsCSh19pP6lzJB2fZ4jX-47mU5L6OyZDaTbA8dXim-kbq8n-nO&google_gid=CAESED1sMxJzDAahhngSw1ae8C4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLYYelwReLli1xxWZCF3VZGxqwyVTJwv_kHfUp4YIDaNWnsCSh19pP6lzJB2fZ4jX-47mU5L6OyZDaTbA8dXim-kbq8n-nO&google_gid=CAESED1sMxJzDAahhngSw1ae8C4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTMwOTE5MDU5NjkzNjM3MjIyMDU4Nw%3D%3D&google_push=AYg5qPLYYelwReLli1xxWZCF3VZGxqwyVTJwv_kHfUp4YIDaNWnsCSh19pP6lzJB2fZ4jX-47mU5L6OyZDaTbA8dXim-kbq8n-nO

Request Chain 99

https://rtb.openx.net/sync/dds?google_gid=CAESEJ1W3Dk_CN9Jr_S0DSsEUbc&google_cver=1&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEJ1W3Dk_CN9Jr_S0DSsEUbc&google_cver=1&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Request Chain 100

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIeF39b2FFUwrioyG9foOZk&google_cver=1&google_push=AYg5qPLzIBPis-F0rvDNxPrpnGC9-xEIPYqfIa6Y_Z814HWEN0jlejvkBJe349neWGhZHtq7NdazuJqjcT76Ht-BN_MX3fygE286 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIeF39b2FFUwrioyG9foOZk&google_cver=1&google_push=AYg5qPLzIBPis-F0rvDNxPrpnGC9-xEIPYqfIa6Y_Z814HWEN0jlejvkBJe349neWGhZHtq7NdazuJqjcT76Ht-BN_MX3fygE286&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzIBPis-F0rvDNxPrpnGC9-xEIPYqfIa6Y_Z814HWEN0jlejvkBJe349neWGhZHtq7NdazuJqjcT76Ht-BN_MX3fygE286

Request Chain 101

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDIzRqKZ9rvid3hJxirbGfo&google_cver=1&google_push=AYg5qPKDCQj93ZRUFUOHf5_z7_YOIkvhq_zEHLCjoF-35ThCwctppj8IymVZgoKXwsTxH_-udIo2fs2E9vQE_CSRm6XwxOyUzfU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc0WU0tTS01V081&google_push=AYg5qPKDCQj93ZRUFUOHf5_z7_YOIkvhq_zEHLCjoF-35ThCwctppj8IymVZgoKXwsTxH_-udIo2fs2E9vQE_CSRm6XwxOyUzfU

Request Chain 102

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_cver=1&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08

Request Chain 115

https://mc.yandex.com/watch/27131102?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1346738797336%3Ahid%3A430217054%3Az%3A120%3Ai%3A20210613111904%3Aet%3A1623575945%3Ac%3A1%3Arn%3A604140689%3Au%3A1623575945267964133%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623575944166%3Ads%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C284%2C28%2C%2C%2C%2C470%3Adsn%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C244%2C28%2C%2C%2C%2C470%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623575945%3At%3AHi.ru HTTP 302
https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1346738797336%3Ahid%3A430217054%3Az%3A120%3Ai%3A20210613111904%3Aet%3A1623575945%3Ac%3A1%3Arn%3A604140689%3Au%3A1623575945267964133%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623575944166%3Ads%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C284%2C28%2C%2C%2C%2C470%3Adsn%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C244%2C28%2C%2C%2C%2C470%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623575945%3At%3AHi.ru

Request Chain 128

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAoJRwYodqCfP9v2NaaDDM4&google_cver=1&google_push=AYg5qPIVcxhrUusYWHwgzzSKFu9_GC1-li6R4hHdtj8E7awUz4-b1zBgaRQNjuEhgtG_PvpumzFMeWA0NecoOLpvaiqvUyRy06sY HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVcxhrUusYWHwgzzSKFu9_GC1-li6R4hHdtj8E7awUz4-b1zBgaRQNjuEhgtG_PvpumzFMeWA0NecoOLpvaiqvUyRy06sY&google_hm=IXgXZvavI8pOgeyLGUMj1g

Request Chain 129

https://d.agkn.com/pixel/2175/?google_gid=CAESECs8vftB3Y4MZcx_Hn8FlBI&google_cver=1&google_push=AYg5qPLzacJ5laTvqfs8k4FoIlyEXI2IxZ0R_fqCE8ol1QWw06CGxX_scvuZFXp8ZbZWZVDhYkM9mWhhtRQXi7JjR9W2KmIZdM-d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLzacJ5laTvqfs8k4FoIlyEXI2IxZ0R_fqCE8ol1QWw06CGxX_scvuZFXp8ZbZWZVDhYkM9mWhhtRQXi7JjR9W2KmIZdM-d&google_hm=Q0FFU0VDczh2ZnRCM1k0TVpjeF9IbjhGbEJJ

Request Chain 130

https://rtb.openx.net/sync/dds?google_gid=CAESEKKvPdzHmSaAy8vUt-sQWqQ&google_cver=1&google_push=AYg5qPIoN7J9o983OflEM5oryhAlK-AOhk4bRrQggXqRsEoLXBPeuLTjwWWp6R15sE7TK_OTTGyb71LQ9LCKjpwULRspCkV6jfY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIoN7J9o983OflEM5oryhAlK-AOhk4bRrQggXqRsEoLXBPeuLTjwWWp6R15sE7TK_OTTGyb71LQ9LCKjpwULRspCkV6jfY&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Request Chain 131

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAqmBicpSvrp6t1xXT0hCJ0&google_cver=1&google_push=AYg5qPLwHznjX26F9hmJvum2ZwHJYnQIt-dxZduzQuajInEXUPlDafRnNtbBJ5r30OrgakcJkVTV2U7RJCDokjLcCtUPFezIpJB1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLwHznjX26F9hmJvum2ZwHJYnQIt-dxZduzQuajInEXUPlDafRnNtbBJ5r30OrgakcJkVTV2U7RJCDokjLcCtUPFezIpJB1

Request Chain 132

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFQdaFdg7YS7QIK1b0J0AhA&google_cver=1&google_push=AYg5qPIn06wE6fUbUjy_6AWVEEP7CXh25aP5izmYAjBMTcw68RXjiFbEUtvgWQMtKTz9hiLEYaT08Z5U5i9SASLyYfKomBjvwD1m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1ME0tOC00R0VG&google_push=AYg5qPIn06wE6fUbUjy_6AWVEEP7CXh25aP5izmYAjBMTcw68RXjiFbEUtvgWQMtKTz9hiLEYaT08Z5U5i9SASLyYfKomBjvwD1m

Request Chain 133

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIJ_tRoxPcowq1FF2ETBFOw&google_cver=1&google_push=AYg5qPI8ulVXT9qmWfcSi2xZ8gi1_yjSA8DEOptKDW-8eCnqwQ3YdRau6NPOE4eq6IclANWFV-AiUe36MsXSg4iDX9LJ6EIkFUtl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPI8ulVXT9qmWfcSi2xZ8gi1_yjSA8DEOptKDW-8eCnqwQ3YdRau6NPOE4eq6IclANWFV-AiUe36MsXSg4iDX9LJ6EIkFUtl&google_hm=U4RYhflGTTyYB9l32EL4Ww

Request Chain 134

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDMAMH4JKA9MqLZbVBDk9HQ&google_cver=1&google_push=AYg5qPK9TgjHqBikxzhc2RrTBmfDSUE0VQEBXswm18kSMAb9r43O5bv9fqJNdAsodt52x_IMjF11IFERb7s_61HdROHrF9nu9mmGgA HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9TgjHqBikxzhc2RrTBmfDSUE0VQEBXswm18kSMAb9r43O5bv9fqJNdAsodt52x_IMjF11IFERb7s_61HdROHrF9nu9mmGgA&google_hm=

Request Chain 136

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELW2L3HRBe-2tDbtwZi7gQ&google_cver=1&google_push=AYg5qPKZkxrn94W8n_oYBJ9qMrnkEkVzavlbCADuBTzo1sVxs4BKiUcV64nBtMMSdQBfpWDj0AsG31q4gMw3burVy9c_jIeEWKI HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKZkxrn94W8n_oYBJ9qMrnkEkVzavlbCADuBTzo1sVxs4BKiUcV64nBtMMSdQBfpWDj0AsG31q4gMw3burVy9c_jIeEWKI&google_hm=IXgXZvavI8pOgeyLGUMj1g

Request Chain 137

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJYS21NmRVB1BVI4b52NnNMwsJSm5IF4G5aT-0t2wEV38u3ezrndCFv5LN9lyXqjuZgFqktgJNj0TUUQ6OrFhNBNwPvvIQ&google_gid=CAESEGcVuST2VSoqlTjU-mbPqKA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCYTNMeERiOA&google_push=AYg5qPJYS21NmRVB1BVI4b52NnNMwsJSm5IF4G5aT-0t2wEV38u3ezrndCFv5LN9lyXqjuZgFqktgJNj0TUUQ6OrFhNBNwPvvIQ

Request Chain 139

https://rtb.openx.net/sync/dds?google_gid=CAESEHf0O3rUUjoe2ki1RD2MWaI&google_cver=1&google_push=AYg5qPKVptNx2xo-SR74vrp3kGkrICuGgj1c2mepzKa6H63GO5FkkKS1kg7jj91pkg3w8VO5sC1BoqrxOfvXuYVp36fGEb89Lic HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKVptNx2xo-SR74vrp3kGkrICuGgj1c2mepzKa6H63GO5FkkKS1kg7jj91pkg3w8VO5sC1BoqrxOfvXuYVp36fGEb89Lic&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Request Chain 140

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFwPeV4R70dlMCbzYVyEI5A&google_cver=1&google_push=AYg5qPJBgT4XR9h1vy-LEPewQfdf3131FJGITIArvFWghVvi_a3bOeCTCD74xRRUsYQP_jNkyNAgkBeZv8PN-vXx36zDUIKvvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJBgT4XR9h1vy-LEPewQfdf3131FJGITIArvFWghVvi_a3bOeCTCD74xRRUsYQP_jNkyNAgkBeZv8PN-vXx36zDUIKvvw

Request Chain 141

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGqUBSYD8f54_KT6W2LXv70&google_cver=1&google_push=AYg5qPKaCTjpr95PNnxhjwe0mwGnG3XK6dybekO78lOe6lr4rUFxJBPkhcJWoK24i0-mvEZP7dHfZZfllGbpdAJaZVvXK9MA7cA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1MVktMUItTEJYRw==&google_push=AYg5qPKaCTjpr95PNnxhjwe0mwGnG3XK6dybekO78lOe6lr4rUFxJBPkhcJWoK24i0-mvEZP7dHfZZfllGbpdAJaZVvXK9MA7cA

Request Chain 142

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_cver=1&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4

Request Chain 164

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELqGFODOa10d6nIu0-dcwT0&google_cver=1&google_push=AYg5qPLQgXnCoWggh1W5LFt5qQFrBdrYmmWUnaUPsFBP3sqqLvhBWMBo_3kpeTR2QAIXhtaSO0GJ1kVkl83dzjguogLc1YTRHau8 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLQgXnCoWggh1W5LFt5qQFrBdrYmmWUnaUPsFBP3sqqLvhBWMBo_3kpeTR2QAIXhtaSO0GJ1kVkl83dzjguogLc1YTRHau8&google_hm=IXgXZvavI8pOgeyLGUMj1g

Request Chain 166

https://rtb.openx.net/sync/dds?google_gid=CAESEOQpzlmloiWHihmfaaaJj_Q&google_cver=1&google_push=AYg5qPKzJ1cg3qUP7drLI5REPLRPBrW6mI7OIAW3lBEkPg1cbrmukVcGL9MYhkAChFcp5RMCgGKSIPIBLpQPVk1edJQH3XH4SyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKzJ1cg3qUP7drLI5REPLRPBrW6mI7OIAW3lBEkPg1cbrmukVcGL9MYhkAChFcp5RMCgGKSIPIBLpQPVk1edJQH3XH4SyI&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Request Chain 167

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOSyEkqn-3aLxN48MKiKGbs&google_cver=1&google_push=AYg5qPLE2wGE9muqUvJc4PjFPedAlnuOlATe57rpJyr7VDnRVPLk4rmqfsdIrEqxazUn5_RelVGlSJw0lcsBRGvqmM7P-wrcDewU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLE2wGE9muqUvJc4PjFPedAlnuOlATe57rpJyr7VDnRVPLk4rmqfsdIrEqxazUn5_RelVGlSJw0lcsBRGvqmM7P-wrcDewU

Request Chain 168

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI8pUKJ_3oWwKtt6hWJpBMA&google_cver=1&google_push=AYg5qPKO5T3T8qjAY616eFa4hrS8xexrbBMT5H4eDygbxPwjujaK6TYjdGDp8PmCiv6jDHCTJuSMbb_E_93dBlDwfAXUool9Ha_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1NTktMUstOExDVQ==&google_push=AYg5qPKO5T3T8qjAY616eFa4hrS8xexrbBMT5H4eDygbxPwjujaK6TYjdGDp8PmCiv6jDHCTJuSMbb_E_93dBlDwfAXUool9Ha_o

Request Chain 169

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg&google_cver=1&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg

Request Chain 170

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENNTZdP0fNOlKs2TU-9SENk&google_cver=1&google_push=AYg5qPKsrPc442M9w0CrN7kyvQOBrf_bfkvGFMxlaB22U12bzFm5mmwjXb0RmeS8lVYmDMQ6azK150YzFLgGjkY8h4zWCPwyN6CI HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKsrPc442M9w0CrN7kyvQOBrf_bfkvGFMxlaB22U12bzFm5mmwjXb0RmeS8lVYmDMQ6azK150YzFLgGjkY8h4zWCPwyN6CI&google_hm=

Request Chain 193

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3kbfNeRCwCRiwCTIIIV2ndAd2FLA HTTP 301
https://tpc.googlesyndication.com/simgad/12939242301588677835

Request Chain 241

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECGsa1J1A1Q-f69RsCePBic&google_cver=1&google_push=AYg5qPIotdTI_g9LTZ319S-1AHORPUDvH_KsQ02G15Xdva2h1YTA810jTXj7XWziggvmrowh2qk7ZRz8eHYvtxX7eG3beVXUNoBo HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIotdTI_g9LTZ319S-1AHORPUDvH_KsQ02G15Xdva2h1YTA810jTXj7XWziggvmrowh2qk7ZRz8eHYvtxX7eG3beVXUNoBo&google_hm=IXgXZvavI8pOgeyLGUMj1g

Request Chain 242

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJKOS_O2FlNjVu1ueG-JGM_G0D_KMy3K_beDEhP0mY6mp9YLJW30BYMrtmqSp6HVEpeQkvizA-Q2DmZ0a4l5xqvZEXhz5Tf&google_gid=CAESEFK7YhL_E7nmBSP0SPSbJ_g&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCRVVHdkIyZg&google_push=AYg5qPJKOS_O2FlNjVu1ueG-JGM_G0D_KMy3K_beDEhP0mY6mp9YLJW30BYMrtmqSp6HVEpeQkvizA-Q2DmZ0a4l5xqvZEXhz5Tf

Request Chain 243

https://d.agkn.com/pixel/2175/?google_gid=CAESEPDl5KOIdI-15ZvW45vJ2g8&google_cver=1&google_push=AYg5qPJxulY-Hfz15LKO-2p0xGT24gksx7ku2Uyx7UheZeSONXVWwKQd6MUvxTW_n2BUJGD6gb_jqgywZPqN1PUKZI4AtJkcy3kR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJxulY-Hfz15LKO-2p0xGT24gksx7ku2Uyx7UheZeSONXVWwKQd6MUvxTW_n2BUJGD6gb_jqgywZPqN1PUKZI4AtJkcy3kR&google_hm=Q0FFU0VQRGw1S09JZEktMTVadlc0NXZKMmc4

Request Chain 244

https://rtb.openx.net/sync/dds?google_gid=CAESEA5ySv297xdENqwR5uE4Oko&google_cver=1&google_push=AYg5qPIYI1ygDCEyW8XBTzAAKyYUaKBEXyuwpAnAbIGmrlx5ebw4HlKk3igJ8zBJDaozRKnDafDTgZFbMut1Ho6a6IT2uE_2nO7r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYI1ygDCEyW8XBTzAAKyYUaKBEXyuwpAnAbIGmrlx5ebw4HlKk3igJ8zBJDaozRKnDafDTgZFbMut1Ho6a6IT2uE_2nO7r&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Request Chain 245

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECmRy2iI0iIvG8Jx83APrdo&google_cver=1&google_push=AYg5qPJf_04wLwvjk3l-Sub6HAOsqBub7eBaR7u0K_aUW8fyiKB9_pnfVUjs9ghHPsiXHq9ulRYOCR0yer_FgiMZn6sTP76Wz0Fa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJf_04wLwvjk3l-Sub6HAOsqBub7eBaR7u0K_aUW8fyiKB9_pnfVUjs9ghHPsiXHq9ulRYOCR0yer_FgiMZn6sTP76Wz0Fa

Request Chain 246

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN1jH0H_BM7uOv3-qD0KmI0&google_cver=1&google_push=AYg5qPLxr0TLLxRlEfLVkm5QXdIrU2Cud-NNhTPVKAiR2kUpF5o-2EvHNBA0uLUMKOmtdNaWSGW_6ZlGppOxSIcfnr8M1vUHv0o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1SkYtSS01UDUx&google_push=AYg5qPLxr0TLLxRlEfLVkm5QXdIrU2Cud-NNhTPVKAiR2kUpF5o-2EvHNBA0uLUMKOmtdNaWSGW_6ZlGppOxSIcfnr8M1vUHv0o

Request Chain 247

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_cver=1&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU-

343 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hi.ru/ 116 KB
28 KB 182ms
52ms Document
text/html 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: b09b65d9a26019fb6c7812331f76164e9c55224a9f49f6f4b1b3dd2312fdaa61

Request headers

:method: GET
:authority: hi.ru
:scheme: https
:path: /?md81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache
cache-control: max-age=0
expires: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 8 KB
825 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 08:12:14 GMT
server: ESF
date: Sun, 13 Jun 2021 09:19:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 09:19:04 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
hi.ru/js/ 91 KB
32 KB 79ms
78ms Script
application/javascript 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/js/jquery-1.10.2.min.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

:path: /js/jquery-1.10.2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Nov 2014 15:26:10 GMT
server: nginx
etag: W/"546e0812-16bb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 main.css
hi.ru/assets/ 92 KB
14 KB 68ms
68ms Stylesheet
text/css 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/main.css
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: eaf394f0cf1614e22d265d916398cc14562c0bfa73a6f90af26e068dd76e4dd2

Request headers

:path: /assets/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2017 12:02:09 GMT
server: nginx
etag: W/"591d8d41-16e60"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 widget.css
hi.ru/assets/ 2 KB
964 B 68ms
68ms Stylesheet
text/css 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/widget.css
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 390cdd2401b8a6d820152f5d1c9c0070833f95a983b81b988498bb14daf99c5f

Request headers

:path: /assets/widget.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:07:58 GMT
server: nginx
etag: W/"5893595e-9d0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 75ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:10:01 GMT
server: nginx
etag: W/"60b79139-1d469"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d88e36cfd8eada9864ce6d2f583de57913a2b6f2ea013fabc72cf5f1011fa27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48395
x-xss-protection: 0
server: cafe
etag: 16872819095905553886
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 09:19:04 GMT

GET
H2 200 162357540295672.jpg
photoshosting.ru/ 10 KB
10 KB 231ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540295672.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 34905084b2f62a0e3e2e98f396cacc21cd23f202a98cf08559b83affe441f76f

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "287d-5c4a21b7ee8a6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10365
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540246692.jpg
photoshosting.ru/ 8 KB
8 KB 190ms
87ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540246692.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 553bd9a2b65279dc3a4325734238d30718a8f66e5f047fd339b21bdf7f9b784c

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "2052-5c4a21b7ee8a6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8274
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540268626.jpg
photoshosting.ru/ 9 KB
9 KB 189ms
86ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540268626.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 0d4407c36e48c5acc77db1bc4ee420351b66bfd467d7e8ba74e6e571e66db97c

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "24ef-5c4a21b7f0fb6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9455
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540221408.jpg
photoshosting.ru/ 14 KB
14 KB 149ms
46ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540221408.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 5f5393ca4208b772abed4bb97d0d114c7713aa7cadf4628af61255481f45d9bf

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "388b-5c4a21b7f36c6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14475
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540251296.jpg
photoshosting.ru/ 7 KB
7 KB 224ms
121ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540251296.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 02656fafcbe64a5c30e92f92050de30db47cbdde805656e70e1d65405b096b65

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "1be6-5c4a21b7f36c6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7142
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540266865.jpg
photoshosting.ru/ 10 KB
10 KB 221ms
118ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540266865.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: effab5009f8d5adcac3e02c4a7f72b5f4141f7ef96ee54288b842542a81bc74a

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "27e5-5c4a21b7f5dd6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10213
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540311774.jpg
photoshosting.ru/ 10 KB
10 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540311774.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 69b8f18459f46dcd677782736715b4015529b360a0c09bac2950a355f35f8a1a

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "275f-5c4a21b7f84e6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10079
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540377541.jpg
photoshosting.ru/ 7 KB
7 KB 127ms
125ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540377541.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: f7a44b819cdb49ab48dd2aea474cd74330d07a0b6475b33347c3512398f44d9e

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "1b75-5c4a21b7f84e6"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7029
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540388585.jpg
photoshosting.ru/ 24 KB
25 KB 128ms
125ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540388585.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8067f8a8959d94e6e5a498a640a7258ff8810c73570dd9724e42444243ef7723

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "6108-5c4a21b809655"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24840
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540311260.jpg
photoshosting.ru/ 27 KB
27 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540311260.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 9a49201cea2d93ea7da822446018ebe84fb8d062f95f65b65af7f47ade2988a4

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "6bc1-5c4a21b80bd65"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 27585
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540365636.jpg
photoshosting.ru/ 19 KB
19 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540365636.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 607060ee37b5b59294153dbacbc38c3abd970a3cb2c4bbb178029b03f7af3792

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "4ad9-5c4a21b80e475"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 19161
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540391065.jpg
photoshosting.ru/ 21 KB
21 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540391065.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 3f29c371f2e0c5bf0af3b89afe456c53b18e506cf451471e6ea3c296e8ed1b3e

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "5242-5c4a21b810b85"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 21058
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540386320.jpg
photoshosting.ru/ 14 KB
14 KB 129ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540386320.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: e3a1c01861e17d51bec3f04d3e0253f5984f7f0abbc71254ab418e4520edbc6d

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "37e9-5c4a21b810b85"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14313
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540348253.jpg
photoshosting.ru/ 14 KB
14 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540348253.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8d2282f124fb7fa8bc830806064dd4004ec8550807e01191027f5880483196f6

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "3773-5c4a21b813295"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14195
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540390042.jpg
photoshosting.ru/ 12 KB
12 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540390042.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: e5c95a02146d4b7fddb4981368a540efda6acc03938cbd3c1e294ef9f8b83cf1

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "2e65-5c4a21b8159a5"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11877
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540412521.jpg
photoshosting.ru/ 9 KB
9 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540412521.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8946d4f87f3c79a7ef438695bae478433c1fc176cb2a3d1a1ee167b3de6e3dac

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "2469-5c4a21b821cf5"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9321
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540439248.jpg
photoshosting.ru/ 5 KB
5 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540439248.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: af87dd0a91f10cb6c35af0b4ecc86df4cdc772d73222cbf43e998a0ca6d9fb18

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "1429-5c4a21b821cf5"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5161
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540483350.jpg
photoshosting.ru/ 4 KB
4 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540483350.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: edc3a0ad539531bd40ae350cbdd4770c95149d47c226aac2d415dc66fb17591f

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "10df-5c4a21b824405"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4319
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540440212.jpg
photoshosting.ru/ 4 KB
5 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540440212.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: c2fbe8d3fa0d0fc9e410f6e538e2fde3369b477bcfa1033abbb42eadd33705b0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "115e-5c4a21b824405"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4446
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540496233.jpg
photoshosting.ru/ 10 KB
10 KB 130ms
128ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540496233.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 22e506a14ca788af664b7dcc3903bc7a8909ca06183e9c01f6e29e0dbfa0c145

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "28a9-5c4a21b835574"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10409
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 green.png
hi.ru/images/ 1 KB
2 KB 46ms
43ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/images/green.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 41ab83e27acc60d34b77d7d6e5e65e3646d0b083f50f7fac1c8687a3f18d9a1d

Request headers

:path: /images/green.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 20 Nov 2014 15:27:30 GMT
server: nginx
etag: "546e0862-55a"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1370
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 qdown.png
hi.ru/img/ 1 KB
1 KB 46ms
42ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/qdown.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1cfdb43297e916e2da546a244903e8eb3d0baf67620dda087399548c2e7afddf

Request headers

:path: /img/qdown.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-404"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1028
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 qup.png
hi.ru/img/ 1023 B
1 KB 47ms
44ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/qup.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea0269a93ceb6cb9f7b0cda0b251de17323690136dec4f059109e6c6909a150f

Request headers

:path: /img/qup.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-3ff"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1023
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 s-vk.png
hi.ru/img/ 2 KB
2 KB 46ms
43ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-vk.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: dabba4011fb5c6cb64e46386a598022f8cdaaa6370c5d3e81e253585d9541b0d

Request headers

:path: /img/s-vk.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-66e"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1646
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 s-fb.png
hi.ru/img/ 1 KB
2 KB 48ms
45ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-fb.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1606c243d646bbbc486c09453274d8fcc058f4bc6d3d52b54350a38027750ea2

Request headers

:path: /img/s-fb.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-5e9"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1513
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 s-ok.png
hi.ru/img/ 2 KB
2 KB 48ms
45ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-ok.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8763c7cee404235584c03d712187e2aac4355da9b405f1fc406af91ae15e873a

Request headers

:path: /img/s-ok.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-6d6"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1750
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 s-tw.png
hi.ru/img/ 2 KB
2 KB 47ms
44ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-tw.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e566ca5478f1ebc1d7c117362af3aca30b57cd0b988e4ce62c7039e1793c1409

Request headers

:path: /img/s-tw.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-636"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1590
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 vk.png
hi.ru/img/s/ 1 KB
1 KB 50ms
48ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/vk.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: d8738f1a40f1f64f8561fe5924e4fb9134be21eeaa73c7f0adae5df353294ec6

Request headers

:path: /img/s/vk.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-50d"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1293
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 fb.png
hi.ru/img/s/ 1 KB
1 KB 48ms
46ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/fb.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 704fb2fb51023c7f361e779a1448e30de7b2c347652e359aec3f71b1156abdc6

Request headers

:path: /img/s/fb.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-49f"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1183
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 ok.png
hi.ru/img/s/ 1 KB
2 KB 48ms
46ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/ok.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 64fedf0f1f511c637ed27216292fed7ff26dfa03c4215cf2d6a37344d03f6001

Request headers

:path: /img/s/ok.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-5ae"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1454
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 gp.png
hi.ru/img/s/ 1 KB
2 KB 50ms
48ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/gp.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: d5d8dc69aa87c483b4fe658a37d73a8492c874eabbac539b90f7101c4458ec4f

Request headers

:path: /img/s/gp.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-5b3"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1459
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 ma.png
hi.ru/img/s/ 2 KB
2 KB 49ms
47ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/ma.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6430a5609cdd61e8ec8b87c2f32a4b8010a93fca76e4737387673b788afd9a82

Request headers

:path: /img/s/ma.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-732"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1842
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 tw.png
hi.ru/img/s/ 1 KB
2 KB 48ms
47ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/tw.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e14245edb66438db8f4b062f463e708132f41762649ddb809dddb5c9f8eb9987

Request headers

:path: /img/s/tw.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-59f"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1439
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 main.js Show response
hi.ru/assets/ 526 KB
118 KB 48ms
48ms Script
application/javascript 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/main.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: bd49298c921b316356e1457a8ff2a9f19c0d069415e8a014f1d6ea6511000787

Request headers

:path: /assets/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2017 13:28:36 GMT
server: nginx
etag: W/"595b9804-836e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:01 GMT
x-content-type-options: nosniff
age: 99723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:01 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.5790534349931811
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.5790534349931811

43 B
528 B

55ms
55ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.5790534349931811

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.5790534349931811
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 12 Jun 2020 21:00:00 GMT

GET
H/1.1 200
OK textad_async_v100.pack.js Show response
server.cpmstar.com/cached/js/ 4 KB
2 KB 1118ms
176ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/cached/js/textad_async_v100.pack.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7a43a6dd7dbbb0103a0968e7efa25d85a0c1b6951d558fa7d3a93f2b7e07aa42

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:19:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:31:54 GMT
Server: Microsoft-IIS/10.0
ETag: "031d21baf58d71:0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1230

GET
H2 200 162357540113138.jpg
photoshosting.ru/ 60 KB
60 KB 127ms
125ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540113138.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 4037e26876df4ce62c60ce2580b3f10c1b359fe10657673463982a2294d42fec

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "f00e-5c4a21b7e7376"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 61454
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540235428.jpg
photoshosting.ru/ 54 KB
54 KB 128ms
125ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540235428.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: aa540475fc0d3a45012fedb84aedf3382c5f19bfaab09bb6256a02234a9f1254

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "d8a7-5c4a21b7e9a86"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 55463
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540258027.jpg
photoshosting.ru/ 30 KB
30 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540258027.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: c207f4ede81479d1e6ce6636a9b5a8919f13286d2db1079c1d3cbe24f85194ec

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "76ea-5c4a21b7ec196"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 30442
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 calendar.png
hi.ru/img/ 1 KB
1 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/calendar.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b0444809862b2227d687d9248c429aff81d18fd75a872fd7712e1402e2305f1c

Request headers

:path: /img/calendar.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/assets/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-468"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1128
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 nav.png
hi.ru/img/ 1 KB
2 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/nav.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 26de7ddc151567db6158dbb2e730c21f7bdb291354b1a88a9e4123cb6ec455b0

Request headers

:path: /img/nav.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/assets/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-54b"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1355
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 mail-box-arrow.png
hi.ru/img/ 1 KB
1 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/mail-box-arrow.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3ed14ffcf48a4f46614b93bb468c59b4a04917a0997f3db67bf5aede6cd09ef2

Request headers

:path: /img/mail-box-arrow.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/assets/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-410"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1040
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 weather_sprite_36.png
hi.ru/images/weather/ 66 KB
67 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/images/weather/weather_sprite_36.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/widget.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8d9b5eb29b4bde77d7ab2fce99c079aba5ee1099640271987ff9a10df97b06ca

Request headers

:path: /images/weather/weather_sprite_36.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi.ru
referer: https://hi.ru/assets/widget.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://hi.ru/assets/widget.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 16:09:05 GMT
server: nginx
etag: "589359a1-10913"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 67859
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 162357540583197.jpg
photoshosting.ru/ 14 KB
15 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540583197.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 610063459e0f671914030c46b592f98ec94f02db50ed421cfb42497624ae8312

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "39cf-5c4a21b83caa4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14799
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540517335.jpg
photoshosting.ru/ 13 KB
13 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540517335.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 4be63140c8bf9a35c7abf0cdb34e39a842e785494cd43e9c10ec67511176c664

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "32a3-5c4a21b83f1b4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12963
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540583671.jpg
photoshosting.ru/ 8 KB
8 KB 128ms
126ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540583671.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: dafc04effe2148feac292c669022e14142d315c77b8bced1249ed56f6a3779d6

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "2009-5c4a21b8418c4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8201
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540724158.jpg
photoshosting.ru/ 13 KB
13 KB 130ms
128ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540724158.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: e21f33da8e28fb713d91137b37ed7f306c202d5016565482039f43986c26ded8

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "337e-5c4a21b8418c4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13182
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540780654.jpg
photoshosting.ru/ 12 KB
12 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540780654.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 3022368e5c6384747673ca4844bb4b4590c10329e49c1eb92994bed40e294e63

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "3055-5c4a21b843fd4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12373
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540746183.jpg
photoshosting.ru/ 10 KB
11 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540746183.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8da561f081745a33ae923b7adc6d8644a80e2ca3c0b1ce34912a35809dd450f0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "293b-5c4a21b8466e4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10555
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540852266.jpg
photoshosting.ru/ 9 KB
9 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540852266.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 14691aa0fa944c2a0ae6122576b35d7cfc24339b9c68f2eae1a14c6efcc3c689

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "2281-5c4a21b8466e4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8833
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540888500.jpg
photoshosting.ru/ 14 KB
14 KB 130ms
128ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540888500.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: bfffa55d15b209e2825b9af6d15c55069db8da75010c9aa73efaae4a497124e6

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "36de-5c4a21b848df4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14046
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 162357540889431.jpg
photoshosting.ru/ 14 KB
14 KB 129ms
127ms Image
image/jpeg 2a00:15f8:a000:5:1:11:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/162357540889431.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 382649d3c32e5027e3084e17a1bfc0bfaa780e98ae0f0b2ce0fe81b9b058d9b7

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Sun, 13 Jun 2021 09:10:08 GMT
server: Apache
etag: "378b-5c4a21b84b504"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14219
expires: Mon, 14 Jun 2021 09:19:04 GMT

GET
H2 200 WorldofWater.woff
hi.ru/fonts/ 18 KB
19 KB 44ms
42ms Font
application/font-woff 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/fonts/WorldofWater.woff
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b663358d262151aebf082f699b672c1c44e5e1ed122b6bcf03a461345d0673ae

Request headers

:path: /fonts/WorldofWater.woff
pragma: no-cache
origin: https://hi.ru
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: hi.ru
referer: https://hi.ru/assets/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hi.ru
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:44:52 GMT
server: nginx
etag: "589353f4-4978"
content-type: application/font-woff
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18808
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2 200 icomoon.ttf
hi.ru/fonts/ 6 KB
7 KB 54ms
52ms Font
application/octet-stream 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/fonts/icomoon.ttf?ize68d
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 6f9c80a5f214df00adb0ee7f714a44c3a472f52e7dbe66bf740eb4344b21c26f

Request headers

:path: /fonts/icomoon.ttf?ize68d
pragma: no-cache
origin: https://hi.ru
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: hi.ru
referer: https://hi.ru/assets/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://hi.ru
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Thu, 02 Feb 2017 15:44:52 GMT
server: Apache
etag: "197c-5478e0bcfc930"
cache-control: max-age=0
accept-ranges: bytes
content-length: 6524
expires: Sun, 13 Jun 2021 09:19:04 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:09:53 GMT
x-content-type-options: nosniff
age: 97751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:09:53 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:44:37 GMT
x-content-type-options: nosniff
age: 99267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:44:37 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:26:30 GMT
x-content-type-options: nosniff
age: 85954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:26:30 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFUZ0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:42:21 GMT
x-content-type-options: nosniff
age: 103003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9400
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:42:21 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:03:39 GMT
x-content-type-options: nosniff
age: 101725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9588
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:03:39 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 128 KB
45 KB 135ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1ade235fbaf9c00ef546a04c34431dec4c724a9d4a755b95e1789f3cacc21f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: br
last-modified: Tue, 08 Jun 2021 09:54:37 GMT
etag: "60bf3bc8-b491"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 46225
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H2

200

543872641
www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/543872641
https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/543872641

43 B
297 B

42ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/543872641
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:04 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/543872641
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 82ms
26ms Script
application/javascript 99.86.241.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-40.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:06:45 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: JXRFRn-bSOnnSitG8HKhHZf5LzelCHpkg5atCaY-3pXzyql02zCRXA==

GET tv-xml2.php
tv.hi.ru/ 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 11E2 2 KB
2 KB 72ms
24ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hi.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=hi.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1655
set-cookie: uid=733bee46-2e38-4bcc-ac29-ccb13a61b958; expires=Mon, 13 Jun 2022 09:19:04 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 13 Jun 2021 09:19:04 GMT
content-length: 1129

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/ 231 KB
85 KB 49ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5798867249887033&plah=hi.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87427
x-xss-protection: 0
server: cafe
etag: 18285230650351733317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Jun 2021 09:19:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/ Frame F931 10 KB
5 KB 5ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210607/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210607/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 12 Jun 2021 17:09:07 GMT
expires: Sat, 26 Jun 2021 17:09:07 GMT
content-type: text/html; charset=UTF-8
etag: 3869991350818612685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4515
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 58197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20651854&ns__t=1623575944791&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1623575944791&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=

64 B
331 B

54ms
47ms

Image
image/gif

99.86.241.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1623575944791&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-40.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 3s0S5-g0HkWBNGvNu3rnRBOY_Kb6Z1QcIvHHg9xhjYY_qzGGaj-ZVw==

Redirect headers

date: Sun, 13 Jun 2021 09:19:04 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1623575944791&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=
content-length: 158
x-amz-cf-id: Lh7r-upTkv8Ifx5hHDD-8KqRK94A4WapvBp1QKJ-gL3YyQIAbBvAWw==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 195 B
652 B 78ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hi.ru&callback=_gfp_s_&client=ca-pub-5798867249887033

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5798867249887033&plah=hi.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e73876acf97f29bebbe45073b98349cf74861671f7d958e0352d16f7572c486e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BAD 11 KB
979 B 67ms
65ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1623575944&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944725&bpp=5&bdt=373&idt=76&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8780533843875&frm=20&pv=2&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fa7a92bb296612108ba8f71e70c164d61411f1ed8579f7ac0bbabc482d42ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1623575944&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944725&bpp=5&bdt=373&idt=76&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8780533843875&frm=20&pv=2&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:04 GMT
server: cafe
content-length: 956
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Jun-2021 09:34:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:04 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C19A 101 KB
27 KB 602ms
601ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1623575944&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944730&bpp=3&bdt=379&idt=100&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y14Oz7CNIm&p=https%3A//hi.ru&dtd=106

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37111854edf6ded09171e25b528a5c3f84140f0870dfa1f2d9ae85834748d175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1623575944&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944730&bpp=3&bdt=379&idt=100&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y14Oz7CNIm&p=https%3A//hi.ru&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 27538
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Jun-2021 09:34:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CAE9 71 KB
24 KB 758ms
752ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1623575944&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944733&bpp=1&bdt=381&idt=112&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U3KegbfLft&p=https%3A//hi.ru&dtd=115

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484fc5bcc55eef7f11d2e8f74bd1445faa2b60392ecd977a56a4120903e5b2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1623575944&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944733&bpp=1&bdt=381&idt=112&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U3KegbfLft&p=https%3A//hi.ru&dtd=115
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 24808
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 13-Jun-2021 09:34:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A88 93 KB
31 KB 687ms
686ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef96df9b60c0e76f3b78200e495f9c888939a23fc6b2f11ba9a5457f33fe0a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 31781
x-xss-protection: 0
set-cookie: IDE=AHWqTUna2ZUHZsN7DpiFtM-nr49FkGa7X0j1S66ZGc0C_u4sW9FJiqGmkjHlvA32_hE; expires=Fri, 08-Jul-2022 09:19:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 215E 13 KB
6 KB 153ms
152ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc3db9df73763ed73b90bd867a85f32e5d8d0b64bc0a3fabc7bfcd349b363741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 6584
x-xss-protection: 0
set-cookie: IDE=AHWqTUm_0H83ujA4DRAuwnw-fyL0fWkXGclZvilgMdKb9fsW_iR9TM72JXhUcgzRXkg; expires=Fri, 08-Jul-2022 09:19:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9303.xYgcwZFusy7A6Js1xzV6ZvDcAApZbGxxB6iQ4HZW69iw-ma8Ngsh6vJw_BEt81hs.-wjw-UyVmvt8IZILEEt6qByUIe4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9303.r6QxZ6UoC0BdEjiVjKRiVAUpmuihjvc8LfF-hyIpKVeQWvl5wihQGQpl40_dIGN0OL30oVH5eYozWUy107LmUA%2C%2C.tMNA3bZzSeSo_5M75fHxy9nmeIw%2C

75 B
75 B

48ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9303.r6QxZ6UoC0BdEjiVjKRiVAUpmuihjvc8LfF-hyIpKVeQWvl5wihQGQpl40_dIGN0OL30oVH5eYozWUy107LmUA%2C%2C.tMNA3bZzSeSo_5M75fHxy9nmeIw%2C

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9303.r6QxZ6UoC0BdEjiVjKRiVAUpmuihjvc8LfF-hyIpKVeQWvl5wihQGQpl40_dIGN0OL30oVH5eYozWUy107LmUA%2C%2C.tMNA3bZzSeSo_5M75fHxy9nmeIw%2C
date: Sun, 13 Jun 2021 09:19:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D772 13 KB
6 KB 142ms
142ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8044e5a2fd314a99ae6b5573de76df237b559641cfac927e99ba23045ab9108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 6615
x-xss-protection: 0
set-cookie: IDE=AHWqTUlB63oSg2moJEP1dwHXHIka_EHORiykhHAvoCFy0ZR9a_giZ1sMprqQm0JTRmg; expires=Fri, 08-Jul-2022 09:19:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:04 GMT
last-modified: Tue, 08 Jun 2021 09:54:37 GMT
etag: "60bf3bc8-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 13 Jun 2021 10:19:04 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61A9 13 KB
7 KB 168ms
167ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b15120b7989ffe1c0dc36cc97d043f460ece41cc4c5a80a00f458382f4478219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 6678
x-xss-protection: 0
set-cookie: IDE=AHWqTUnnEz_2m0QWsNEweWpmskmOTKyzAhN_eNpnbB88GOUDENdbocvU0xcDPq4UJH4; expires=Fri, 08-Jul-2022 09:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55F4 13 KB
7 KB 249ms
249ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

997985a0d2dcd881eed27ff4b11de4627fcfd4f9f7b813bb9bb919dddf43f87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 13 Jun 2021 09:19:05 GMT
server: cafe
content-length: 6678
x-xss-protection: 0
set-cookie: IDE=AHWqTUl3RU72u7qZr_lMeyaG06HGH7-NJ44X8LCR13PnlcP1j0SqEAAd43T16OVwWBM; expires=Fri, 08-Jul-2022 09:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 215E 2 KB
1 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 215E 122 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 215E 13 KB
6 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:18:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 215E 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COPA5iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoElgFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD5UV1U4hAK4ixtpH7x5R2myWqiABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=yCRcOoOEeg4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 215E 0
0 29ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k7dx0s57y6ks5b1wf8gyf4071850276j1c0z6ybmw6mqrszejxk096ynh5kgr25vj5qjknrzeybztdnyd09j9stycesd1krqgjqy2n5saaw191nf1s41tqjt1nb992xey01me8y5an9r43f8a9ew1xbpyzm8b6deq51v5rz5200kxaknqhr74kscm53tahgssqqkggamhepgmtvwhhd2eaeqymnc2be1rm0v3kyf2s8few8z1y4qr7ptmqmssv002bf71d894nd0k3dydhyq5hfrv3ac67yt8et4g09p1zw6p4hgyq7bpp8y8hbt2h3b5wfvqgb0aa121s3pg8basqbqy5jzwkvmksf6rb4c8yq92pq7g561fvv35xch2y883xgf93k&b=YMXNiAAOTNkK5sB1AAbD1COTxBv2vXFcpPo4bw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 77B4 2 KB
2 KB 82ms
62ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e3f429b97781e9628ea61941f330cc8c3790706d490661a0f59e937f256589

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa643f79300001f1176117000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c38dece1f11-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 15B9 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 15B9 35 B
464 B 31ms
12ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAsbsnXYBR1ZfqjhCAIprBQ&google_cver=1&google_push=AYg5qPIRat04afj42OYtVGuYuGrlqK3IEWpD5FyVNQ-oioCffPe-9iyS58f7C9XdVAYZVrFrFr1Lx4eWkp1lC2e8_DUOX3MTnHu_

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 15B9
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLYYelw...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLYYelw...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTMwOTE5MDU5NjkzNjM3MjIyMDU4Nw%3D%3D&google_push=AYg5qPLYYelwReLli1xxWZCF3VZGxqwyVTJwv_kHfUp4YIDaNWnsCSh19pP6lzJB2fZ4jX...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTMwOTE5MDU5NjkzNjM3MjIyMDU4Nw%3D%3D&google_push=AYg5qPLYYelwReLli1xxWZCF3VZGxqwyVTJwv_kHfUp4YIDaNWnsCSh19pP6lzJB2fZ4jX-47mU5L6OyZDaTbA8dXim-kbq8n-nO

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA2MTMwOTE5MDU5NjkzNjM3MjIyMDU4Nw%3D%3D&google_push=AYg5qPLYYelwReLli1xxWZCF3VZGxqwyVTJwv_kHfUp4YIDaNWnsCSh19pP6lzJB2fZ4jX-47mU5L6OyZDaTbA8dXim-kbq8n-nO
Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:05 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 15B9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEJ1W3Dk_CN9Jr_S0DSsEUbc&google_cver=1&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X
https://rtb.openx.net/sync/dds?google_gid=CAESEJ1W3Dk_CN9Jr_S0DSsEUbc&google_cver=1&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:04 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJBddYb8LZkLB1t6Lfbwm2DjB7ck2YisnVyjjNM2MOErrYmQk4OrO-rwmSLeY0XxCxQnALBKCVkiSfheBxZMxhSUtjp91X&google_hm=aCynSADcw2kDtJTLTTZ6yQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ik15jgelqj9fhr5a66cg5ovjn19pdd6g

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 15B9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
40ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzIBPis-F0rvDNxPrpnGC9-xEIPYqfIa6Y_Z814HWEN0jlejvkBJe349neWGhZHtq7NdazuJqjcT76Ht-BN_MX3fygE286

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzIBPis-F0rvDNxPrpnGC9-xEIPYqfIa6Y_Z814HWEN0jlejvkBJe349neWGhZHtq7NdazuJqjcT76Ht-BN_MX3fygE286
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 15B9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDIzRqKZ9rvid3hJxirbGfo&google_cver=1&google_push=AYg5qPKDCQj93ZRUFUOHf5_z7_YOIkvhq_zEHLCjoF-35ThCwctppj8IymVZgoKXwsTxH_-udIo...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc0WU0tTS01V081&google_push=AYg5qPKDCQj93ZRUFUOHf5_z7_YOIkvhq_zEHLCjoF-35ThCwctppj8IymVZgoKXwsTxH_-udIo2fs2E9vQE_CSRm6XwxOyUzfU

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc0WU0tTS01V081&google_push=AYg5qPKDCQj93ZRUFUOHf5_z7_YOIkvhq_zEHLCjoF-35ThCwctppj8IymVZgoKXwsTxH_-udIo2fs2E9vQE_CSRm6XwxOyUzfU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc0WU0tTS01V081&google_push=AYg5qPKDCQj93ZRUFUOHf5_z7_YOIkvhq_zEHLCjoF-35ThCwctppj8IymVZgoKXwsTxH_-udIo2fs2E9vQE_CSRm6XwxOyUzfU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 15B9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 15B9 43 B
297 B 61ms
19ms Image
image/gif 2a05:d01c:1d8:8100:558f:678c:b3d9:283d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGIc58wur3iDl0rvh54wfyU&google_cver=1&google_push=AYg5qPIJGY6qFgOxK1mV_rYb-3J8m9cXTZNJ1RSj9cYaoYwPOrcaJzEkocMDPt3zsMlmbWW_qI3b2zOkG5qGV59NTVJzrfvta0Yp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944735&bpp=1&bdt=383&idt=174&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=y2YahBsGbk&p=https%3A//hi.ru&dtd=177
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:558f:678c:b3d9:283d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 15B9 0
253 B 89ms
41ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1UDU8U6ZGN3vk_J7ZwPWwzm5nedBZZDZkMHTre5N-eX2hzRhqCfSVpXDmN63YyIy7GxIx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D772 2 KB
1 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D772 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D772 13 KB
6 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D772 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGh53wMFPlowEM3xvDfNGS0RjXc1ub_k7nLthWcnn-veFvQU5e305LJq5zdF7YdujojdyQ57u6pMLSvMuOcxyxD1BqXA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D772 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPZpyiM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJYBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDj11a0aXtHHUeI4blxTVIo5SKgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNTc5ODg2NzI0OTg4NzAzMw&sigh=mHm25SFuGOk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D772 0
0 17ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kd680szejfb9c28jja84sydwkd7ncpk37ea92er6qkmcet5xhyw15j253prm8xazswa2dr4615qenr5xfpy24kp2xc5xf2d1t9cf5hjv0d52v4grzjd41hadg3vr7zn8njk52q3yh6x3a1zsct190nvyv3x1je8j3a5j5tx8dn6ys6qnse28ntd8v839ger7p1z073ssy4j5n64k31aqfksmgfhm0ckbs9w800w89k73d2242ymmvmexmntcxcaskxj8cgqdv7c8eaj9827t3gf0rhfb4wzttz6hae4rt9yvrgbxnrn4jgfjddtxpr39hy40txyw98kkyrp8q3nzqvd8ytdv77xxqkgy3zbn0310yt68sejq0zw9e5x7btk51bfyqrq&b=YMXNiAAO-OwIFUvCAA9y5_-p0EXZfRJm3W_53A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944736&bpp=1&bdt=385&idt=216&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=zMHhwKvDRi&p=https%3A//hi.ru&dtd=219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 7879 2 KB
1 KB 53ms
52ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2e78d048001b6089b22f6246bec5fe6e329f1173a4a3dbec340ebbf021a9ef

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa643f79a00001f114b86d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c38ff121f11-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0502 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 215E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6680ca2cf71d321e7d58d1d41ae25d697c268dab51ba107c7b59e494a109a4b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D772 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21f31eb9bec7106a4df30844f419383e62f41949f53a7864505eaf71837f6877

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.com/watch/27131102/
Redirect Chain

https://mc.yandex.com/watch/27131102?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

184 B
266 B

50ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1346738797336%3Ahid%3A430217054%3Az%3A120%3Ai%3A20210613111904%3Aet%3A1623575945%3Ac%3A1%3Arn%3A604140689%3Au%3A1623575945267964133%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623575944166%3Ads%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C284%2C28%2C%2C%2C%2C470%3Adsn%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C244%2C28%2C%2C%2C%2C470%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623575945%3At%3AHi.ru

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

170bbb79a6356d61e00248df5603bde4e5507c1b672e9b9b42f1f502daaee828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 13-Jun-2021 09:19:05 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Sun, 13-Jun-2021 09:19:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Sun, 13-Jun-2021 09:19:05 GMT
location: /watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1bo6nxnn5zx1uku5%3Afp%3A459%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A1346738797336%3Ahid%3A430217054%3Az%3A120%3Ai%3A20210613111904%3Aet%3A1623575945%3Ac%3A1%3Arn%3A604140689%3Au%3A1623575945267964133%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623575944166%3Ads%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C284%2C28%2C%2C%2C%2C470%3Adsn%3A42%2C87%2C52%2C43%2C0%2C0%2C%2C244%2C28%2C%2C%2C%2C470%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623575945%3At%3AHi.ru
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hi.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 13-Jun-2021 09:19:05 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 77B4 58 KB
59 KB 47ms
38ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7129198
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0aa643f81a0000d6d19ab02000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9u9KAyWJ1J02z2XJ%2FbqqkbpsE0%2Ff2fDPjj0zTO74ouAUFT2ZyBHU4Mj9X7JQ0KVKPr%2B3aa4Cbdtw1oeVgf6yegqb%2B3NspaUu%2FRJ1tYMwkImFmf6Gw7j2v20ejDoSKBqT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65ea3c39c909d6d1-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 77B4 36 KB
12 KB 53ms
43ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 57189
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa643f81a0000d6d150ba9000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P0WH9eyr3WJFtoEr6Wop5T9hgxzTZeVuK44Lf%2B2XA05NVQUB7QWi46CeqswuoFXp8QuV1Gp3S4h8KbCBr7aSNTLu7GWUf5y3oYpoFo%2FzZRLvJhUVHAWAYPpMVkhWKXz0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65ea3c39c90bd6d1-FRA
expires: Sat, 12 Jun 2021 17:25:56 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 61A9 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61A9 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 61A9 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 61A9 0
0 23ms
22ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaNEwusTXz3CfmVJZiubX4-nnakaoJrexcIlDHtCqMTC5VQLL4TccX_wyVPyyslD5k7OK3e4hJqYv4mHuGZ7wmzmYjLA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 61A9 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTCl2ic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJYBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrAyVOaVIZZTDnzuF3aVDn1iIhgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNTc5ODg2NzI0OTg4NzAzMw&sigh=M3eP8uvLopg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 61A9 0
0 15ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hf5eepftzzk35dpa4hqveym8s4w3chvgcwrpgx8yb35v6w8ptvhbcvfpccksnjjp6pjjsb8nsav81v63g8a0mt6bpav1z5pbc7g84fk9t0ea4xf7mkb0tcvqr46k0zjyp0k6hzzaev0pd78cm8cyrbsqq36dvskkb01h0f80rb552qhs2zfpax8kmpzwjpxc0pa6ggatcswtkezxwyd28vf5hs57eamasym0r6tw8nc7jxnn86k3kmptvebvtw7m7qgm9ntnrt16db3gysht357jpysaz99b3wc3ddcrmypsjn3hjmcjps4j4ymaen5wn8pt9f7ececk0ekj3dj5z1rhhmfx3qzee7n8xbyb37etsbnmk98mvvvbyk5ha518c118ygq&b=YMXNiQAAQs4IFURmAAvEKn0vlncdNYlmEXdJrA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame 91FC 2 KB
2 KB 49ms
44ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0996ad93dca0b546d039ec026226696396a369625d7b14eafd07622eff178f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa643f81a0000d6d1661ae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c39c90cd6d1-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1D21 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 7879 58 KB
59 KB 35ms
31ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7129198
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0aa643f8190000d6d17e84a000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kfcP%2FDiNDYiyvongN7yJYaZ74LQM7k7484nn2mn9ZOgkYDoyYdPj5V1svX0wtr4VLR9IyFUa3t%2FVy373FR5CxH%2BNcO%2BowmDvZ8wKcXX9e3qbJ5%2FbXkYKb9Hb1wpWFhig"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65ea3c39c904d6d1-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 7879 36 KB
12 KB 29ms
25ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 57189
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa643f8190000d6d1a90f3000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RPK3dzrJBO6GcYhb3H9%2FbvAgV4y6EA48DdKFhX1E6aj5VAQNlmLThTcOCFzFYeULfJD5sxKEv%2BpxxaXD%2FPI2lvboJNqC7xrVN5M71ehyU%2BPjluYcj4Vb93pU9uMks4t4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65ea3c39b901d6d1-FRA
expires: Sat, 12 Jun 2021 17:25:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAoJRwYodqCfP9v2NaaDDM4&google_cver=1&google_push=AYg5qPIVcxhrUusYWHwgzzSKFu9_GC1-li6R4hHdtj8E7awUz4-b1zBgaR...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVcxhrUusYWHwgzzSKFu9_GC1-li6R4hHdtj8E7awUz4-b1zBgaRQNjuEhgtG_PvpumzFMeWA0NecoOLpvaiqvUyRy06sY&google_hm=IXgXZv...

170 B
188 B

29ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVcxhrUusYWHwgzzSKFu9_GC1-li6R4hHdtj8E7awUz4-b1zBgaRQNjuEhgtG_PvpumzFMeWA0NecoOLpvaiqvUyRy06sY&google_hm=IXgXZvavI8pOgeyLGUMj1g

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIVcxhrUusYWHwgzzSKFu9_GC1-li6R4hHdtj8E7awUz4-b1zBgaRQNjuEhgtG_PvpumzFMeWA0NecoOLpvaiqvUyRy06sY&google_hm=IXgXZvavI8pOgeyLGUMj1g
pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECs8vftB3Y4MZcx_Hn8FlBI&google_cver=1&google_push=AYg5qPLzacJ5laTvqfs8k4FoIlyEXI2IxZ0R_fqCE8ol1QWw06CGxX_scvuZFXp8ZbZWZVDhYkM9mWhhtRQXi7JjR9W2KmIZdM-d
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLzacJ5laTvqfs8k4FoIlyEXI2IxZ0R_fqCE8ol1QWw06CGxX_scvuZFXp8ZbZWZVDhYkM9mWhhtRQXi7JjR9W2KmIZdM-d&google_hm=Q0FFU0VDczh2ZnRCM1k0T...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLzacJ5laTvqfs8k4FoIlyEXI2IxZ0R_fqCE8ol1QWw06CGxX_scvuZFXp8ZbZWZVDhYkM9mWhhtRQXi7JjR9W2KmIZdM-d&google_hm=Q0FFU0VDczh2ZnRCM1k0TVpjeF9IbjhGbEJJ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:05 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLzacJ5laTvqfs8k4FoIlyEXI2IxZ0R_fqCE8ol1QWw06CGxX_scvuZFXp8ZbZWZVDhYkM9mWhhtRQXi7JjR9W2KmIZdM-d&google_hm=Q0FFU0VDczh2ZnRCM1k0TVpjeF9IbjhGbEJJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKKvPdzHmSaAy8vUt-sQWqQ&google_cver=1&google_push=AYg5qPIoN7J9o983OflEM5oryhAlK-AOhk4bRrQggXqRsEoLXBPeuLTjwWWp6R15sE7TK_OTTGyb71LQ9LCKjpwULRspCkV6jfY
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIoN7J9o983OflEM5oryhAlK-AOhk4bRrQggXqRsEoLXBPeuLTjwWWp6R15sE7TK_OTTGyb71LQ9LCKjpwULRspCkV6jfY&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

170 B
188 B

28ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIoN7J9o983OflEM5oryhAlK-AOhk4bRrQggXqRsEoLXBPeuLTjwWWp6R15sE7TK_OTTGyb71LQ9LCKjpwULRspCkV6jfY&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:04 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIoN7J9o983OflEM5oryhAlK-AOhk4bRrQggXqRsEoLXBPeuLTjwWWp6R15sE7TK_OTTGyb71LQ9LCKjpwULRspCkV6jfY&google_hm=aCynSADcw2kDtJTLTTZ6yQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tgcaqarklbd01iojlfq9ljnp7u72he2n

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLwHznjX26F9hmJvum2ZwHJYnQIt-dxZduzQuajInEXUPlDafRnNtbBJ5r30OrgakcJkVTV2U7RJCDokjLcCtUPFezIpJB1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLwHznjX26F9hmJvum2ZwHJYnQIt-dxZduzQuajInEXUPlDafRnNtbBJ5r30OrgakcJkVTV2U7RJCDokjLcCtUPFezIpJB1
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFQdaFdg7YS7QIK1b0J0AhA&google_cver=1&google_push=AYg5qPIn06wE6fUbUjy_6AWVEEP7CXh25aP5izmYAjBMTcw68RXjiFbEUtvgWQMtKTz9hiLEYaT...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1ME0tOC00R0VG&google_push=AYg5qPIn06wE6fUbUjy_6AWVEEP7CXh25aP5izmYAjBMTcw68RXjiFbEUtvgWQMtKTz9hiLEYaT08Z5U5i9SASLyYfKomBjvwD1m

170 B
188 B

44ms
42ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1ME0tOC00R0VG&google_push=AYg5qPIn06wE6fUbUjy_6AWVEEP7CXh25aP5izmYAjBMTcw68RXjiFbEUtvgWQMtKTz9hiLEYaT08Z5U5i9SASLyYfKomBjvwD1m

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1ME0tOC00R0VG&google_push=AYg5qPIn06wE6fUbUjy_6AWVEEP7CXh25aP5izmYAjBMTcw68RXjiFbEUtvgWQMtKTz9hiLEYaT08Z5U5i9SASLyYfKomBjvwD1m
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIJ_tRoxPcowq1FF2ETBFOw&google_cver=1&google_push=AYg5qPI8ulVXT9qmWfcSi2xZ8gi1_yjSA8DEOptKDW-8eCnqwQ3YdRau6NPOE4eq6IclANWFV-AiUe36MsXSg4iDX9LJ6EI...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPI8ulVXT9qmWfcSi2xZ8gi1_yjSA8DEOptKDW-8eCnqwQ3YdRau6NPOE4eq6IclANWFV-AiUe36MsXSg4iDX9LJ6EIkFUtl&google_hm=U4RYhflGTTyYB9l3...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPI8ulVXT9qmWfcSi2xZ8gi1_yjSA8DEOptKDW-8eCnqwQ3YdRau6NPOE4eq6IclANWFV-AiUe36MsXSg4iDX9LJ6EIkFUtl&google_hm=U4RYhflGTTyYB9l32EL4Ww

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPI8ulVXT9qmWfcSi2xZ8gi1_yjSA8DEOptKDW-8eCnqwQ3YdRau6NPOE4eq6IclANWFV-AiUe36MsXSg4iDX9LJ6EIkFUtl&google_hm=U4RYhflGTTyYB9l32EL4Ww
pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0502
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDMAMH4JKA9MqLZbVBDk9HQ&google_cver=1&google_push=AYg5qPK9TgjHqBikxzhc2RrT...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9TgjHqBikxzhc2RrTBmfDSUE0VQEBXswm18kSMAb9r43O5bv9fqJNdAsodt52x_IMjF11IFERb7s_61HdROHrF9nu9mmGgA&google_hm=

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9TgjHqBikxzhc2RrTBmfDSUE0VQEBXswm18kSMAb9r43O5bv9fqJNdAsodt52x_IMjF11IFERb7s_61HdROHrF9nu9mmGgA&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9TgjHqBikxzhc2RrTBmfDSUE0VQEBXswm18kSMAb9r43O5bv9fqJNdAsodt52x_IMjF11IFERb7s_61HdROHrF9nu9mmGgA&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 12 Jun 2021 09:19:05 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0502 0
12 B 25ms
25ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJ63ATQi-0XC75NhEKmILQ9Rgq60BrTPWcg29yj1b0nzOEQRSm65hsN0TKkNFBCsUdipHlKA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D21
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELW2L3HRBe-2tDbtwZi7gQ&google_cver=1&google_push=AYg5qPKZkxrn94W8n_oYBJ9qMrnkEkVzavlbCADuBTzo1sVxs4BKiUcV64...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKZkxrn94W8n_oYBJ9qMrnkEkVzavlbCADuBTzo1sVxs4BKiUcV64nBtMMSdQBfpWDj0AsG31q4gMw3burVy9c_jIeEWKI&google_hm=IXgXZva...

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKZkxrn94W8n_oYBJ9qMrnkEkVzavlbCADuBTzo1sVxs4BKiUcV64nBtMMSdQBfpWDj0AsG31q4gMw3burVy9c_jIeEWKI&google_hm=IXgXZvavI8pOgeyLGUMj1g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKZkxrn94W8n_oYBJ9qMrnkEkVzavlbCADuBTzo1sVxs4BKiUcV64nBtMMSdQBfpWDj0AsG31q4gMw3burVy9c_jIeEWKI&google_hm=IXgXZvavI8pOgeyLGUMj1g
pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D21
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJYS21NmRVB1BVI4b52NnNMwsJSm5IF4G5aT-0...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCYTNMeERiOA&google_push=AYg5qPJYS21NmRVB1BVI4b52NnNMwsJSm5IF4G5aT-0t2wEV38u3ezrndCFv5LN9lyXqjuZgFqktgJNj0TUUQ6OrFhNBNwPvvIQ

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCYTNMeERiOA&google_push=AYg5qPJYS21NmRVB1BVI4b52NnNMwsJSm5IF4G5aT-0t2wEV38u3ezrndCFv5LN9lyXqjuZgFqktgJNj0TUUQ6OrFhNBNwPvvIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCYTNMeERiOA&google_push=AYg5qPJYS21NmRVB1BVI4b52NnNMwsJSm5IF4G5aT-0t2wEV38u3ezrndCFv5LN9lyXqjuZgFqktgJNj0TUUQ6OrFhNBNwPvvIQ
Date: Sun, 13 Jun 2021 09:19:05 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1D21 43 B
608 B 64ms
25ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEA0lZkCaWizPEPOtbCwpwg4&google_push=AYg5qPLcR55IXbsrA_4qvKnv4HqgpzwGIch-ThVAwrI_ydFQP0z8nwp2QSkT1NzbLjl0g0QYdAgNJvkfdDaYPf39_EESdQxBZL0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D21
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHf0O3rUUjoe2ki1RD2MWaI&google_cver=1&google_push=AYg5qPKVptNx2xo-SR74vrp3kGkrICuGgj1c2mepzKa6H63GO5FkkKS1kg7jj91pkg3w8VO5sC1BoqrxOfvXuYVp36fGEb89Lic
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKVptNx2xo-SR74vrp3kGkrICuGgj1c2mepzKa6H63GO5FkkKS1kg7jj91pkg3w8VO5sC1BoqrxOfvXuYVp36fGEb89Lic&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKVptNx2xo-SR74vrp3kGkrICuGgj1c2mepzKa6H63GO5FkkKS1kg7jj91pkg3w8VO5sC1BoqrxOfvXuYVp36fGEb89Lic&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:04 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKVptNx2xo-SR74vrp3kGkrICuGgj1c2mepzKa6H63GO5FkkKS1kg7jj91pkg3w8VO5sC1BoqrxOfvXuYVp36fGEb89Lic&google_hm=aCynSADcw2kDtJTLTTZ6yQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: j7v3of262kuk8q0re17fjhldr1vfsm04

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D21
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJBgT4XR9h1vy-LEPewQfdf3131FJGITIArvFWghVvi_a3bOeCTCD74xRRUsYQP_jNkyNAgkBeZv8PN-vXx36zDUIKvvw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjMzOMNmQb6L9Tfn0kQyRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJBgT4XR9h1vy-LEPewQfdf3131FJGITIArvFWghVvi_a3bOeCTCD74xRRUsYQP_jNkyNAgkBeZv8PN-vXx36zDUIKvvw
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D21
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGqUBSYD8f54_KT6W2LXv70&google_cver=1&google_push=AYg5qPKaCTjpr95PNnxhjwe0mwGnG3XK6dybekO78lOe6lr4rUFxJBPkhcJWoK24i0-mvEZP7dH...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1MVktMUItTEJYRw==&google_push=AYg5qPKaCTjpr95PNnxhjwe0mwGnG3XK6dybekO78lOe6lr4rUFxJBPkhcJWoK24i0-mvEZP7dHfZZfllGbpdAJaZVvXK9MA7cA

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1MVktMUItTEJYRw==&google_push=AYg5qPKaCTjpr95PNnxhjwe0mwGnG3XK6dybekO78lOe6lr4rUFxJBPkhcJWoK24i0-mvEZP7dHfZZfllGbpdAJaZVvXK9MA7cA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1MVktMUItTEJYRw==&google_push=AYg5qPKaCTjpr95PNnxhjwe0mwGnG3XK6dybekO78lOe6lr4rUFxJBPkhcJWoK24i0-mvEZP7dHfZZfllGbpdAJaZVvXK9MA7cA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1D21
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7g...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 1D21 0
12 B 28ms
25ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRZS2LDJeUtyE0pTBzq-5Jg9OzbMo0604aIJECbEmPij7smvcb98UbIX8pGuXOarib1Hfm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944737&bpp=1&bdt=385&idt=249&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=DunTehfcav&p=https%3A//hi.ru&dtd=254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 61A9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cac1bf452b07eb277c053c80ca566f77665de62f7cd809198f76164ad9e69c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7879 3 KB
4 KB 47ms
26ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 333563
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0aa643f86b00004e9e65129000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wW3Hw0iN8bIjlRmJNqgWHRkMCyuCKVRPkF979Wesg2lxlmswAXM2BnHbvjVLigfwd9yDlL9I5oJA3ZEtEAkwqnFaalkXgN3FRysmvoGmYZnZz2%2FQwmKoeQVKMrGvAkEh4XDf4TSLqIJIvOhqWXE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65ea3c3a4ea74e9e-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 77B4 3 KB
4 KB 39ms
27ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 333563
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0aa643f86c00004e9e890b2000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q%2FkvXfA%2FtxnxTeFgMX92z3CABMeO%2BXSMaW9W1DlKKscyfLLfiJ%2BxKL%2FZPyQwGs8RwmJBb9rbJF3xbkgbDWE9sb6hDNTAS1Beq%2BIoGY4Lswiwmw2YWFEx%2FHJQNiuRlVk3WXAwtubYPMvFpwWkgCQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65ea3c3a4ea94e9e-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 2A3F 2 KB
2 KB 28ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sun, 13 Jun 2021 10:19:05 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1772589
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0aa643f8650000d6d1581c1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GOqk12QO2H3E1Vue6MDaKGnAL%2BC7TlRsPKJi8E4RjhngJAr%2BrNB%2Ba3xTPOajpv%2BZjgVpfJ0ZtfyVpgESE72l8Vsy6jx5v0H34Bc8%2Fv5mek9f8ehxUddkTuHPLUcFkC3o"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65ea3c3a39e5d6d1-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 55F4 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55F4 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 55F4 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 55F4 0
0 17ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqwzkdjwfA9UKbjIxXQ87vbvgvnJQgqjfFER39D94YWQSimZcEhaKsLCvjC_KO3rEODDCXnTzefoP7YQ4Mxbg-JTCyZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 55F4 0
0 19ms
16ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrApric3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJwBT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmUqBmJ4EqDQg0TRdYoQ0YpLTJigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNTc5ODg2NzI0OTg4NzAzMw&sigh=1SD3348zRVQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 55F4 0
0 19ms
16ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hg2shkvc3pd2gyn5tyvxh8qjwrhramaxmkst9skjxc5am4ch73sghd1nt6mskq7wzfbm7zd8w1ddy6v7aadtxaan9xrqpa5ygt5ds22b3psf5pbq29e8z6vzyzpz5dnbs5fdq5hs3jwbsqk2z82w4gqtahqtj0qvk7mw9bs3net1q1wcphv35nv2xqmgdcb73nv6rhccpevyrd370421mh2zjq7c4mmg4w6pc4a9b1cgtehgcw82erkbdh8wh6hhdkdmwv3p3t23maw8r21jf6yb63nh9ngv8663db6dhpqcxxbpxg3ztmd2m6p4q710emg7yv0hkevkq8xf9emcbyfxv64yc97v703r5fctdb3xfbjavbjbcy3nkxbz8hr2skx83my&b=YMXNiQAAYe8IFV-wAADSFAmB7PxCzsVSiq4rPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H3-29 200 dr Show response
ad4m.at/ad/ Frame B96C 2 KB
2 KB 28ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f186b25d37c6fca2f2738e20ed7a173b77dff29790d5702087df1af1301500c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa643f8690000d6d1a78f5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c3a49efd6d1-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B7F3 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 8B4B 2 KB
2 KB 18ms
18ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sun, 13 Jun 2021 10:19:05 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1772589
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0aa643f86a0000d6d195b18000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AzWjbtXS2wQ9Hf2TpDoYJKw05vEdIZNRFdF10Ell%2BMDFO6fFV1Z5mkjWkpnoi8j%2F%2FNxrzGmWjebqwJrISgWejDdbtAexBhCERRp%2Bl%2FXSwHuT%2F565deOr30ItzwQBfrxQ"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65ea3c3a49f2d6d1-FRA
content-encoding: br

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 91FC 58 KB
59 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7129198
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0aa643f8700000d6d1a3857000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MwvYAaoHTn612WIstNUQ6Sv2mAP4gDFIsTCZTj9AdaRNdQIkGtDybwi3E%2B7FRf3%2F36%2BRhJm4hCdjJMNxllZY463sGdhbAepc7VuW5FlMN2w74N3syMqclGI4sBrPfHcz"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65ea3c3a4a03d6d1-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame 91FC 36 KB
12 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 57189
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa643f8710000d6d160948000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8WidYIRifMf7sZCrp9NyYdIz9g7HovfalLcf0tv2UzskEczoJFHwuqFNSKULumIuMkLCZ8XDu3JrXrw1v9tjR%2BJPHuvlGMXKpYHXYnNdoh%2FfBjRRG%2Fct6mM3IYc4aoNA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65ea3c3a4a06d6d1-FRA
expires: Sat, 12 Jun 2021 17:25:56 GMT

GET
DATA 200
OK truncated
/ Frame 55F4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be778d96b3e4a26279b729639055f1592b58204581b17f7bd8a30bcadda9dd7f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 91FC 3 KB
4 KB 26ms
15ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 333563
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0aa643f8c400000ea70eadb000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uM5E5%2B7e1mD9lix3cWTeOD64uwE0gpyw63HPBd5VUJUZ2bpmnkCopSgXI9Z6ddIaJg1sjwM3ZhNGMa2Sh%2FDSNnyGAHq7Les%2B4D%2FFX%2B0yZRU%2FiGZd4MmDGBhZnGG4%2BuQZEf%2B9ILCFutyY2HC5A5w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65ea3c3ad8820ea7-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 2B97 2 KB
2 KB 24ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sun, 13 Jun 2021 10:19:05 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1772589
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0aa643f8c20000d6d1b92fe000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=phbLHGS23uajNe6E9%2BeLotinzuNCNkBlCgxjKiiSMs%2FCR1Yj4XMcSf2XmIRVz6IeLnCym9KO2l%2FoZeCg4g0V3Lo6geAh3X%2BDLws30PBYa6tO67nBOEOj7CP0XT%2BeiZOE"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65ea3c3acb11d6d1-FRA
content-encoding: br

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame B96C 58 KB
59 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7129198
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
cf-request-id: 0aa643f8c10000d6d18e054000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d1H5DG3zAnsjGPjkTO3IrWoi3jDYhpPm%2BFp6trJdqnJWBdvNj4%2BHPgwFF4eXHhjKO33YQThZIbX6Lk4v81VlwxCwS55ACnMe0mcZljzdwRqEsYCMNuBdRzcABkpyeuii"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 65ea3c3acb00d6d1-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame B96C 36 KB
12 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 57189
x-guploader-uploadid: ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa643f8c20000d6d177375000000001
last-modified: Thu, 06 May 2021 17:25:03 GMT
server: cloudflare
etag: W/"3b814633f8af4ea4642e44435db55b33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hrGJnrQY5F%2FhKYdcGoAIXRphYMfY%2BXg3QoTq0lyD7PfkYnVKKG5DKnyYZLfSE1hjQ3XlrPD98mZeE4BPYFQJycZzHrQF71hUdf6s2R1jLJsjuImGDFExP78%2Fxz%2F9RfIx"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620321903630655
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12034
cf-ray: 65ea3c3acb09d6d1-FRA
expires: Sat, 12 Jun 2021 17:25:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7F3
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELqGFODOa10d6nIu0-dcwT0&google_cver=1&google_push=AYg5qPLQgXnCoWggh1W5LFt5qQFrBdrYmmWUnaUPsFBP3sqqLvhBWMBo_3...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLQgXnCoWggh1W5LFt5qQFrBdrYmmWUnaUPsFBP3sqqLvhBWMBo_3kpeTR2QAIXhtaSO0GJ1kVkl83dzjguogLc1YTRHau8&google_hm=IXgXZv...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLQgXnCoWggh1W5LFt5qQFrBdrYmmWUnaUPsFBP3sqqLvhBWMBo_3kpeTR2QAIXhtaSO0GJ1kVkl83dzjguogLc1YTRHau8&google_hm=IXgXZvavI8pOgeyLGUMj1g

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLQgXnCoWggh1W5LFt5qQFrBdrYmmWUnaUPsFBP3sqqLvhBWMBo_3kpeTR2QAIXhtaSO0GJ1kVkl83dzjguogLc1YTRHau8&google_hm=IXgXZvavI8pOgeyLGUMj1g
pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B7F3 43 B
390 B 28ms
26ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFxgLROeJlqxT2V-JDlqGAU&google_push=AYg5qPIqXYzb_TI5SB0dz6r_fv_8PAZqZvjvHbBgXepEkAroB7i3CWjKFnSNAH8Q5xRwezkk0yD5_StysARvH-z29s7kQYzF2_jF&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944739&bpp=1&bdt=387&idt=259&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2dd51e6d1805778d-22dc3150efc800f2%3AT%3D1623575944%3ART%3D1623575944%3AS%3DALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LO5EiI0Bz6&p=https%3A//hi.ru&dtd=262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7F3
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOQpzlmloiWHihmfaaaJj_Q&google_cver=1&google_push=AYg5qPKzJ1cg3qUP7drLI5REPLRPBrW6mI7OIAW3lBEkPg1cbrmukVcGL9MYhkAChFcp5RMCgGKSIPIBLpQPVk1edJQH3XH4SyI
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKzJ1cg3qUP7drLI5REPLRPBrW6mI7OIAW3lBEkPg1cbrmukVcGL9MYhkAChFcp5RMCgGKSIPIBLpQPVk1edJQH3XH4SyI&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKzJ1cg3qUP7drLI5REPLRPBrW6mI7OIAW3lBEkPg1cbrmukVcGL9MYhkAChFcp5RMCgGKSIPIBLpQPVk1edJQH3XH4SyI&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:04 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKzJ1cg3qUP7drLI5REPLRPBrW6mI7OIAW3lBEkPg1cbrmukVcGL9MYhkAChFcp5RMCgGKSIPIBLpQPVk1edJQH3XH4SyI&google_hm=aCynSADcw2kDtJTLTTZ6yQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: bc10rcsq1o5m274219bnnqkp347qhiul

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7F3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

42ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLE2wGE9muqUvJc4PjFPedAlnuOlATe57rpJyr7VDnRVPLk4rmqfsdIrEqxazUn5_RelVGlSJw0lcsBRGvqmM7P-wrcDewU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLE2wGE9muqUvJc4PjFPedAlnuOlATe57rpJyr7VDnRVPLk4rmqfsdIrEqxazUn5_RelVGlSJw0lcsBRGvqmM7P-wrcDewU
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7F3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI8pUKJ_3oWwKtt6hWJpBMA&google_cver=1&google_push=AYg5qPKO5T3T8qjAY616eFa4hrS8xexrbBMT5H4eDygbxPwjujaK6TYjdGDp8PmCiv6jDHCTJuS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1NTktMUstOExDVQ==&google_push=AYg5qPKO5T3T8qjAY616eFa4hrS8xexrbBMT5H4eDygbxPwjujaK6TYjdGDp8PmCiv6jDHCTJuSMbb_E_93dBlDwfAXUool9Ha_o

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1NTktMUstOExDVQ==&google_push=AYg5qPKO5T3T8qjAY616eFa4hrS8xexrbBMT5H4eDygbxPwjujaK6TYjdGDp8PmCiv6jDHCTJuSMbb_E_93dBlDwfAXUool9Ha_o

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1NTktMUstOExDVQ==&google_push=AYg5qPKO5T3T8qjAY616eFa4hrS8xexrbBMT5H4eDygbxPwjujaK6TYjdGDp8PmCiv6jDHCTJuSMbb_E_93dBlDwfAXUool9Ha_o
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame B7F3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJ...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B7F3
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENNTZdP0fNOlKs2TU-9SENk&google_cver=1&google_push=AYg5qPKsrPc442M9w0CrN7ky...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKsrPc442M9w0CrN7kyvQOBrf_bfkvGFMxlaB22U12bzFm5mmwjXb0RmeS8lVYmDMQ6azK150YzFLgGjkY8h4zWCPwyN6CI&google_hm=

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKsrPc442M9w0CrN7kyvQOBrf_bfkvGFMxlaB22U12bzFm5mmwjXb0RmeS8lVYmDMQ6azK150YzFLgGjkY8h4zWCPwyN6CI&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKsrPc442M9w0CrN7kyvQOBrf_bfkvGFMxlaB22U12bzFm5mmwjXb0RmeS8lVYmDMQ6azK150YzFLgGjkY8h4zWCPwyN6CI&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 12 Jun 2021 09:19:05 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame B7F3 0
12 B 27ms
25ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13If2pxz2mE5C7L6TBBHHlwtS6G8NSsitdJqMHKBbzP1USitks5OAgexfi1iwCB7vGx-qbrKBQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 502 frame.html
ad4mat.net/ Frame 5BC3 0
0 44ms
42ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65ea3c3ad8374e9e:FRA; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT cf_use_ob=443; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65ea3c3ad8374e9e-FRA
server: cloudflare

GET
H2 502 frame.html
ad4mat.net/ Frame 884F 0
0 37ms
36ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65ea3c3ad8384e9e:FRA; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT cf_use_ob=443; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65ea3c3ad8384e9e-FRA
server: cloudflare

GET
H3-29 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B96C 3 KB
4 KB 15ms
14ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Sun, 13 Jun 2021 09:19:05 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 333563
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
cf-request-id: 0aa643f8ec00000ea70a20a000000001
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6lpSeUu4zUDOc9rzPSDRFJsy%2FrS271bX%2FFRjs37bZPWfrAhC0AlaHHiYkXfeBtcQDxaNDtj4YhEMNru%2FwP3qzWNetJ7CGxR96TQMKtvUTHVyCz3FIyfox1mdWwJEzkCt43enfbF3dZK95P7jFyk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 65ea3c3b190b0ea7-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame C19A 2 KB
531 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1623575944&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944730&bpp=3&bdt=379&idt=100&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y14Oz7CNIm&p=https%3A//hi.ru&dtd=106

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 09:17:31 GMT
server: ESF
date: Sun, 13 Jun 2021 09:19:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 7545 2 KB
2 KB 46ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Sun, 13 Jun 2021 10:19:05 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1772589
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 0aa643f9020000d6d1708af000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q6qNgafdPxaoYy7B8mFAz4UEEq%2FaxRtTgAjPySGGMKjocNzSz3WSmQjLDRO86eGnjvt%2BphWPg%2FnZ7QcXruMCyiPLmhXRn%2Bff8jCj5plaMA2hT4BEVkO7gsAvDx4G7BwW"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 65ea3c3b3bddd6d1-FRA
content-encoding: br

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame C19A 1 KB
909 B 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:54 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame C19A 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:14:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame C19A 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C19A 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame C19A 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:15 GMT

GET
H2 200 ef1eb58ff665bb7a112fcf12029c3c9f.js Show response
www.gstatic.com/mysidia/ Frame C19A 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Sep 2021 05:33:28 GMT

GET
H2 502 frame.html
ad4mat.net/ Frame 4805 0
0 29ms
27ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65ea3c3b28fa4e9e:FRA; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT cf_use_ob=443; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65ea3c3b28fa4e9e-FRA
server: cloudflare

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C19A 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd33piM3FYJzANKrF1fAPiqW_-Ai78577YuO_zeesDOrI6eeiGhABIOehgHpglYq4gsgHoAH_9P2ZA8gBCakCfsYep6lQtD6oAwHIA8sEqgSbAU_Q9pGWAsNutgsZNpsLUl1hHZuDq7MfnqG93dDPIp89IQPa3xn1pQo-7xhVepfql1zyOqo6tc0r_a4f6TOnYOciV86xU-cu-oLYED4bcNi9W4m5NL1Hxs8WbZnIYIX1Q6vliUnLmtq8qKJE2MurjCkw3w8jPqaZ83vEda84FPMUy-IAi7i2rP_la9u_xVMcBftdM30GlyY3viniwATUusDXswOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_JGXNqgHipyxAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQq7EI0ggJCIDhgBAQARgfgAoByAsB2BMMiBQD0BUBgBcBshcaChgIABIUcHViLTU3OTg4NjcyNDk4ODcwMzM&sigh=QgR2hcjNURY&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1623575944&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944730&bpp=3&bdt=379&idt=100&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y14Oz7CNIm&p=https%3A//hi.ru&dtd=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame C19A 27 KB
28 KB 33ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSAneXMOQ1Ck0stbT25F6bcjtX8njbuajjSdGzDt-QPyWzIbOpb&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4120ac1f3bc9777c42f486d0776cb3704f6bb6cc009bdc29464a04ee474577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:04:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 11:36:04 GMT
server: sffe
age: 87281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28125
x-xss-protection: 0
expires: Sun, 12 Jun 2022 09:04:24 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C19A 38 KB
38 KB 40ms
13ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSOs62jDe7SCfCuf51vP3Bs4_MJ7DNgw-UBkWrsIYYXS7kQR907YxpqSawMChw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26c7406ed86c08030c98dda14dfda646405aa47f7bda79a4d4775da2811c3b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:16:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 13:01:45 GMT
server: sffe
age: 68556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38990
x-xss-protection: 0
expires: Sun, 12 Jun 2022 14:16:29 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C19A 64 KB
64 KB 38ms
12ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTDhAo9H4ZtQnfq1eG4slPWakvK3FCaBpoA5aMnx3LdjgOMpKfcujj0sKW1Kkk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8680de415a5e34d0ab845fe97f3115dc7a12744c93306a0eb8807a6fb06dfdc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:57:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 16:30:59 GMT
server: sffe
age: 98491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65391
x-xss-protection: 0
expires: Sun, 12 Jun 2022 05:57:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C19A 13 KB
14 KB 33ms
7ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSKgX483WNnzkO97L5CxAc7HfSLFYyfw1eB5JZkAXsPdc8P3-wbqS06Mt-O2w&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb74ece3e7da8ebc96aad74c576088d8283f0c73584283c2e545ef1a0a0a903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:18:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 09:15:20 GMT
server: sffe
age: 97249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13359
x-xss-protection: 0
expires: Sun, 12 Jun 2022 06:18:16 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C19A 29 KB
29 KB 44ms
18ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRnEJbFHP62dt-NgaV9L4oK41iR8W_CAYNZ-2FbtdLvq0Dwu4kq&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f299bfdf095cdc0586b7e8e690c0ee2af36c7c20c824196121dd7b31358132d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:04:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2020 01:25:02 GMT
server: sffe
age: 87251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29530
x-xss-protection: 0
expires: Sun, 12 Jun 2022 09:04:54 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame C19A 20 KB
20 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR4Xm_7-uXxZYmSAziwOoeE18rBLS1bP2dGT5T597C5a6hHMPeYuX58HcehYQk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1205c7e29c59fc035d0d1c0a24e1c03f2875c9d0cb169ba8d9b6d100b9622ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:46:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Jan 2021 11:14:42 GMT
server: sffe
age: 88364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20731
x-xss-protection: 0
expires: Sun, 12 Jun 2022 08:46:21 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C19A 27 KB
28 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRjr9U56n-SKXWY9Wc-XUFDK_m5a0QuXwkaRc0ht0h5LESloXferPWWgC6OqJA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ff8ece875d50f4663dac70f5ffbb598004b10d67d86a546cc45949547160bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:43:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 02:39:39 GMT
server: sffe
age: 106536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27692
x-xss-protection: 0
expires: Sun, 12 Jun 2022 03:43:29 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame C19A 27 KB
27 KB 44ms
19ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSiOelMnWXdTMywq910WWJs6aeZORSkv1UotIZZGllqQU47LE6V&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed92afd9e7cf19de28801b91cf6a9711a50d7b7000887359bd1ac74968a85d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:03:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 02:44:26 GMT
server: sffe
age: 65720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27840
x-xss-protection: 0
expires: Sun, 12 Jun 2022 15:03:45 GMT

GET
H3-29

200

12939242301588677835
tpc.googlesyndication.com/simgad/ Frame C19A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3kbfNeRCwCRiwCTIIIV2ndAd2FLA
https://tpc.googlesyndication.com/simgad/12939242301588677835

77 KB
77 KB

11ms
10ms

Image
image/jpeg

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12939242301588677835

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ece459a00b3055bfb383faa4f3b45b663e4909788dbd06b9d0e506614cd856a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:22:49 GMT
x-content-type-options: nosniff
age: 60976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79199
x-xss-protection: 0
last-modified: Thu, 20 May 2021 13:02:43 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 16:22:49 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 12 Jun 2021 16:10:50 GMT
x-content-type-options: nosniff
server: cafe
age: 61695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12939242301588677835
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jul 2021 16:10:50 GMT

GET
DATA 200
OK truncated
/ Frame C19A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b2df4e6a0b7894561ebfff81f780adde35d48b892cd5625da1e393fe2f8366d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame C19A 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:27:23 GMT
x-content-type-options: nosniff
age: 71502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:27:23 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame F26D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 19:26:57 GMT

GET
H2 502 frame.html
ad4mat.net/ Frame 4D52 0
0 36ms
36ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4mat.net/frame.html

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_ob_info=502:65ea3c3bda9e4e9e:FRA; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT cf_use_ob=443; path=/; expires=Sun, 13-Jun-21 09:19:35 GMT
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 65ea3c3bda9e4e9e-FRA
server: cloudflare

GET
H3-29 200 5d7f7505a10e8c849470265ce393f6ab.js Show response
www.gstatic.com/mysidia/ Frame 0A88 7 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d7f7505a10e8c849470265ce393f6ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d061cf248e6817cc9497fdf606aefb9ca23ebb78d4f19d2a4d9651090c78a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2965
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Sep 2021 06:13:58 GMT

GET
H3-29 200 506824e1a269747fdbfa68edf6a1b915.js Show response
www.gstatic.com/mysidia/ Frame 0A88 130 KB
48 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd461a3a10ed00d5e8a2ee0642a79cb2f0cd664a3bc88abf26e74befce054e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49021
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 06:08:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Sep 2021 11:18:45 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0A88 3 KB
579 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 07:24:13 GMT
server: ESF
date: Sun, 13 Jun 2021 09:19:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CAE9 6 KB
669 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1623575944&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944733&bpp=1&bdt=381&idt=112&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U3KegbfLft&p=https%3A//hi.ru&dtd=115

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 09:16:26 GMT
server: ESF
date: Sun, 13 Jun 2021 09:19:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 0A88 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:54 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 0A88 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:14:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 0A88 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A88 122 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 0A88 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:15 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0A88 0
0 14ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvVgvhtX6BufaOo8xQ1s9Akx8P0q7CJsgbHBMxJmu67QXaklUSRPgn873Al-215iXfPn_paJbj6lKSiPArjHIq_iBnaA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ef1eb58ff665bb7a112fcf12029c3c9f.js Show response
www.gstatic.com/mysidia/ Frame 0A88 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Sep 2021 05:33:28 GMT

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 7 KB
8 KB 211ms
210ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=74084&multi=4&json=nc_editorial&callback=this.cpmstar_dynamic_editorials.editorial_1.callback&rnd=372428
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/js/textad_async_v100.pack.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d46df302dc87c55075d8d750794c4cfa5fd6def69a4c38d8d1eebee7b97144df

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:05 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame CAE9 1 KB
909 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:54 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame CAE9 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:14:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame CAE9 2 KB
1 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:17:36 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAE9 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame CAE9 13 KB
6 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 09:15:15 GMT

GET
H3-29 200 ef1eb58ff665bb7a112fcf12029c3c9f.js Show response
www.gstatic.com/mysidia/ Frame CAE9 25 KB
10 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10553
x-xss-protection: 0
last-modified: Tue, 08 Jun 2021 05:15:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Sep 2021 05:33:28 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CAE9 0
0 20ms
16ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeGmOiM3FYN7NNaXExgO4zZvADPKR4fde76LAoOIMloLNhYgWEAEg56GAemCViriCyAegAbXVl6IDyAEJqQJ-xh6nqVC0PqgDAcgDywSqBKQBT9CR6QaxheXuOQYCLa07Th80Qd_soOiflL0bUAuQ_Vvv6G1cTBTovasrQMp3QmOsFpExuBVsf8fygoYtbiJqVa2Yjf__INmKFDslvK5P86I_WyT06uWFWiT4Dgl4XYFGblT6ISDWHEaPw8Lkh414d8I5PUetmXMK7-AlvqW10C251cu9kL7iwIEsOOfHJt0oi_KKFHGeKdWlT35s8YHWxF9jaGzABP6UvumUA5IFBAgEGAGSBQQIBRgEoAYugAezquhdqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEP69BtIICQiA4YAQEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=LruG8qNXb0I&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1623575944&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944733&bpp=1&bdt=381&idt=112&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=U3KegbfLft&p=https%3A//hi.ru&dtd=115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 6592766407814317453
tpc.googlesyndication.com/simgad/357034292315053859/ Frame CAE9 22 KB
22 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/357034292315053859/6592766407814317453

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a13fe956d743c4dfa3015434ba2f28ea4ea4eec6043a1a85f6feea371d0b8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:09:25 GMT
x-content-type-options: nosniff
age: 86980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22272
x-xss-protection: 0
last-modified: Thu, 27 Aug 2020 14:19:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:09:25 GMT

GET
DATA 200
OK truncated
/ Frame CAE9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8553750688754626508/ Frame 0A88 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8553750688754626508/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9efb644f462ed2bf0ee018423c506384991aec799678ace301a059c1e49fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:43:49 GMT
x-content-type-options: nosniff
age: 92116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1418
x-xss-protection: 0
last-modified: Fri, 21 May 2021 13:32:13 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:43:49 GMT

GET
DATA 200
OK truncated
/ Frame 0A88 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CAE9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a2fb7012ffaf545419044728f24463dec1dcd7a7744aff57049aa3c340593b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 0A88 0
348 B 48ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kpuz75eq&c=4968851668750&slotId=2484425834375&qqid=COGC2tujlPECFaxZFQgdvZcNdQ&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&umsem=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2025720583548364793/ Frame 0A88 185 KB
185 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2025720583548364793/downsize_200k_v1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a02d0404a3ad788c5ea4d042ba788f7c8828430870e45b450fe9061f51f8ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:22:08 GMT
x-content-type-options: nosniff
age: 79017
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189289
x-xss-protection: 0
last-modified: Wed, 26 May 2021 09:14:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 11:22:08 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0A88 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEDhXiM3FYOGeOKyz1fAPva-2qAecmtf5YouSzfjlDfi3w-e1JRABIOehgHpglYq4gsgHoAGytLeaA8gBCakCfsYep6lQtD6oAwHIA8sEqgSdAU_QONIi3YJ4ZD6ICEgkcgUFwyySBrhJdJuXpMPW-ZgYtJP7gRiEyBbA9pcmdIXl98gDKkjnjmJmRuaeS1osFXhw2wplgJ50KJVSegT7Na8UiiE07qY4ngG2qPpbj35Nzx4uWpZ1JWXwtcHH78x4YYFtj4QK4Yh1pgLIH5NHv7H2k-zJq-nzT-evLUVy1bOjrI0jhjEjvuZZYsQZi1fABLOIjbfJA5IFBAgEGAGSBQQIBRgEoAYugAeCg5q9AqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCHwBvSCAkIgOGAEBABGB-ACgHICwHYEw2IFATQFQGAFwGyFxoKGAgAEhRwdWItNTc5ODg2NzI0OTg4NzAzMw&sigh=mYSY9jm1zuA&template_id=3484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1B76 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 13 Jun 2021 09:02:58 GMT
expires: Mon, 14 Jun 2021 09:02:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 967
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0A88 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f167d04497f402ef058421109101dc1ca1d0033b8fa0f05f2e86dffdb8870a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CAE9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:50:35 GMT
x-content-type-options: nosniff
age: 102510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:50:35 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CAE9 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:05:05 GMT
x-content-type-options: nosniff
age: 76440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:05:05 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame CAE9 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options: nosniff
age: 93633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:18:32 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0A88 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:39:07 GMT
x-content-type-options: nosniff
age: 92398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:39:07 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0A88 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:48:28 GMT
x-content-type-options: nosniff
age: 81037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:48:28 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-4g5ednsd.googlevideo.com/ Frame 0A88 579 KB
580 KB 22ms
7ms XHR
video/webm 2a00:1450:4001:6e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednsd.googlevideo.com/videoplayback?expire=1623604745&ei=ic3FYOGgIK6OmLAPqPeX6Ac&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=4b7ebd1e3d513b32&itag=243&source=youtube&requiressl=yes&mh=w-&mm=31&mn=sn-4g5ednsd&ms=au&mv=m&mvi=4&pl=50&susc=gvp&acao=yes&ctier=L&mime=video%2Fwebm&vprv=1&gir=yes&clen=592916&dur=15.000&lmt=1621489930254291&mt=1623575572&txp=5432434&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Csusc%2Cacao%2Cctier%2Cmime%2Cvprv%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgP7zepwSLfXt5lQrEMZ0KK1_4FcyPY2mjo7S8subKfiwCIQD4G4yi-1ZTJAWsZBwNYAPzapDEYdqJu9MVtyxxPGlcUA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRAIgGIoeUGWm0S8-RC2cH-T5ZJStPkmYBcketbifGi71cwgCIGxC_7zUWPfvYFdtZAhjpMiANDvn-AcYiMFwgf2dmGDA&range=0-999999

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6e::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a6f6e27848ada1fa96484988041b59589885fc4dbd96fba7c2977a9181c63951

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:19:05 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 592916
Last-Modified: Thu, 20 May 2021 05:52:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=28500
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Sun, 13 Jun 2021 09:19:05 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 613F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 19:26:57 GMT

GET
H2 200 Wartime_EN_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1250931/ 10 KB
10 KB 109ms
30ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1250931/Wartime_EN_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6BBD) /
Resource Hash: 4524ce42837c6b4ba4e2c81bbebbace863ea0d6d4748ec05c9b6d1c66f785fe8

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Sat, 12 Jun 2021 20:27:01 GMT
server: ECAcc (mil/6BBD)
age: 46324
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1250931_Wartime_EN_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 9862
expires: Mon, 14 Jun 2021 09:19:06 GMT

GET
H2 200 ForgeofEmpires_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1182522/ 8 KB
8 KB 105ms
26ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1182522/ForgeofEmpires_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C51) /
Resource Hash: 4b3e06847c3566c1a5bd1e0e02de2197971e386491b6b56cb43d391916a4753b

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Sat, 12 Jun 2021 18:22:00 GMT
server: ECAcc (mil/6C51)
age: 53825
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1182522_ForgeofEmpires_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 7926
expires: Mon, 14 Jun 2021 09:19:05 GMT

GET
H2 200 image191x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1261929/ 5 KB
5 KB 104ms
25ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1261929/image191x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C84) /
Resource Hash: 63877b4f7877e6a39511dddad30f040b296e28bf657ebefcbcea070c679eb454

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Sat, 12 Jun 2021 19:31:54 GMT
server: ECAcc (mil/6C84)
age: 49631
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1261929_image191x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 4880
expires: Mon, 14 Jun 2021 09:19:05 GMT

GET
H2 200 Splitgate_Arena_Warfare_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1268291/ 8 KB
9 KB 101ms
23ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1268291/Splitgate_Arena_Warfare_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6BAA) /
Resource Hash: 376f2619fadaec161771f2d7a74dfe534c30b5a4c4f1ca354eb71ab3da5edf70

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Sun, 13 Jun 2021 03:51:34 GMT
server: ECAcc (mil/6BAA)
age: 19651
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1268291_Splitgate_Arena_Warfare_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 8492
expires: Mon, 14 Jun 2021 09:19:05 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 0A88 0
17 B 40ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kpuz75ez&c=4968851668750&slotId=2484425834375&qqid=COGC2tujlPECFaxZFQgdvZcNdQ&met.4=msms_oso.kpuz75i1&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp9%22&msms_cs0=150000&msms_ns=1&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F5d7f7505a10e8c849470265ce393f6ab.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 0A88 0
17 B 39ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kpuz75ir&c=4968851668750&slotId=2484425834375&qqid=COGC2tujlPECFaxZFQgdvZcNdQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F506824e1a269747fdbfa68edf6a1b915.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 0A88 0
17 B 39ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~kpuz75ir&c=4968851668750&slotId=2484425834375&qqid=COGC2tujlPECFaxZFQgdvZcNdQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fef1eb58ff665bb7a112fcf12029c3c9f.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECGsa1J1A1Q-f69RsCePBic&google_cver=1&google_push=AYg5qPIotdTI_g9LTZ319S-1AHORPUDvH_KsQ02G15Xdva2h1YTA810jTX...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIotdTI_g9LTZ319S-1AHORPUDvH_KsQ02G15Xdva2h1YTA810jTXj7XWziggvmrowh2qk7ZRz8eHYvtxX7eG3beVXUNoBo&google_hm=IXgXZv...

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIotdTI_g9LTZ319S-1AHORPUDvH_KsQ02G15Xdva2h1YTA810jTXj7XWziggvmrowh2qk7ZRz8eHYvtxX7eG3beVXUNoBo&google_hm=IXgXZvavI8pOgeyLGUMj1g

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIotdTI_g9LTZ319S-1AHORPUDvH_KsQ02G15Xdva2h1YTA810jTXj7XWziggvmrowh2qk7ZRz8eHYvtxX7eG3beVXUNoBo&google_hm=IXgXZvavI8pOgeyLGUMj1g
pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJKOS_O2FlNjVu1ueG-JGM_G0D_KMy3K_beDEh...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCRVVHdkIyZg&google_push=AYg5qPJKOS_O2FlNjVu1ueG-JGM_G0D_KMy3K_beDEhP0mY6mp9YLJW30BYMrtmqSp6HVEpeQkvizA-Q2DmZ0a4l5xqvZEXhz5Tf

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCRVVHdkIyZg&google_push=AYg5qPJKOS_O2FlNjVu1ueG-JGM_G0D_KMy3K_beDEhP0mY6mp9YLJW30BYMrtmqSp6HVEpeQkvizA-Q2DmZ0a4l5xqvZEXhz5Tf

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU1YTmlRQUFCRVVHdkIyZg&google_push=AYg5qPJKOS_O2FlNjVu1ueG-JGM_G0D_KMy3K_beDEhP0mY6mp9YLJW30BYMrtmqSp6HVEpeQkvizA-Q2DmZ0a4l5xqvZEXhz5Tf
Date: Sun, 13 Jun 2021 09:19:05 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPDl5KOIdI-15ZvW45vJ2g8&google_cver=1&google_push=AYg5qPJxulY-Hfz15LKO-2p0xGT24gksx7ku2Uyx7UheZeSONXVWwKQd6MUvxTW_n2BUJGD6gb_jqgywZPqN1PUKZI4AtJkcy3kR
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJxulY-Hfz15LKO-2p0xGT24gksx7ku2Uyx7UheZeSONXVWwKQd6MUvxTW_n2BUJGD6gb_jqgywZPqN1PUKZI4AtJkcy3kR&google_hm=Q0FFU0VQRGw1S09JZEktM...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJxulY-Hfz15LKO-2p0xGT24gksx7ku2Uyx7UheZeSONXVWwKQd6MUvxTW_n2BUJGD6gb_jqgywZPqN1PUKZI4AtJkcy3kR&google_hm=Q0FFU0VQRGw1S09JZEktMTVadlc0NXZKMmc4

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:05 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJxulY-Hfz15LKO-2p0xGT24gksx7ku2Uyx7UheZeSONXVWwKQd6MUvxTW_n2BUJGD6gb_jqgywZPqN1PUKZI4AtJkcy3kR&google_hm=Q0FFU0VQRGw1S09JZEktMTVadlc0NXZKMmc4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEA5ySv297xdENqwR5uE4Oko&google_cver=1&google_push=AYg5qPIYI1ygDCEyW8XBTzAAKyYUaKBEXyuwpAnAbIGmrlx5ebw4HlKk3igJ8zBJDaozRKnDafDTgZFbMut1Ho6a6IT2uE_2nO7r
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYI1ygDCEyW8XBTzAAKyYUaKBEXyuwpAnAbIGmrlx5ebw4HlKk3igJ8zBJDaozRKnDafDTgZFbMut1Ho6a6IT2uE_2nO7r&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYI1ygDCEyW8XBTzAAKyYUaKBEXyuwpAnAbIGmrlx5ebw4HlKk3igJ8zBJDaozRKnDafDTgZFbMut1Ho6a6IT2uE_2nO7r&google_hm=aCynSADcw2kDtJTLTTZ6yQ==

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:05 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIYI1ygDCEyW8XBTzAAKyYUaKBEXyuwpAnAbIGmrlx5ebw4HlKk3igJ8zBJDaozRKnDafDTgZFbMut1Ho6a6IT2uE_2nO7r&google_hm=aCynSADcw2kDtJTLTTZ6yQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ban8ec6dc0h31flukuib1i2g67jd8bjj

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJf_04wLwvjk3l-Sub6HAOsqBub7eBaR7u0K_aUW8fyiKB9_pnfVUjs9ghHPsiXHq9ulRYOCR0yer_FgiMZn6sTP76Wz0Fa

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hzjEbgcjQcejvmx03ZoJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJf_04wLwvjk3l-Sub6HAOsqBub7eBaR7u0K_aUW8fyiKB9_pnfVUjs9ghHPsiXHq9ulRYOCR0yer_FgiMZn6sTP76Wz0Fa
date: Sun, 13 Jun 2021 09:19:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN1jH0H_BM7uOv3-qD0KmI0&google_cver=1&google_push=AYg5qPLxr0TLLxRlEfLVkm5QXdIrU2Cud-NNhTPVKAiR2kUpF5o-2EvHNBA0uLUMKOmtdNaWSGW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1SkYtSS01UDUx&google_push=AYg5qPLxr0TLLxRlEfLVkm5QXdIrU2Cud-NNhTPVKAiR2kUpF5o-2EvHNBA0uLUMKOmtdNaWSGW_6ZlGppOxSIcfnr8M1vUHv0o

170 B
188 B

29ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1SkYtSS01UDUx&google_push=AYg5qPLxr0TLLxRlEfLVkm5QXdIrU2Cud-NNhTPVKAiR2kUpF5o-2EvHNBA0uLUMKOmtdNaWSGW_6ZlGppOxSIcfnr8M1vUHv0o

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BVWjc1SkYtSS01UDUx&google_push=AYg5qPLxr0TLLxRlEfLVkm5QXdIrU2Cud-NNhTPVKAiR2kUpF5o-2EvHNBA0uLUMKOmtdNaWSGW_6ZlGppOxSIcfnr8M1vUHv0o
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1B76
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwso...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 1B76 0
12 B 27ms
25ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ipl7ovZOdrp87VxIlq9l03_waN3viunhjG-iZedCss5-FomeoOsOxPIfnTxKlOw1YqWgvG

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 22CD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 19:26:57 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 34ms
19ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210607&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c891f72ea7e0987490c68ae10c06650e4de4a4d17ebbfba49f33c55998a0cb8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Jun 2021 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8005
x-xss-protection: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0A88 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CB4mfiM3FYOGeOKyz1fAPva-2qAecmtf5YouSzfjlDfi3w-e1JRABIOehgHpglYq4gsgHoAGytLeaA8gBCakCfsYep6lQtD6oAwHIA8sEqgSgAU_QONIi3YJ4ZD6ICEgkcgUFwyySBrhJdJuXpMPW-ZgYtJP7gRiEyBbA9pcmdIXl98gDKkjnjmJmRuaeS1osFXhw2wplgJ50KJVSegT7Na8UiiE07qY4ngG2qPpbj35Nzx4uWpZ1JWXwtcHH78x4YYFtj4QK4Yh1pgLIH5NHv7H2k-zJq-nzT-evLUUw174xDGO64sm6n3XNN1SllE-PS5nABLOIjbfJA6AGLoAHgoOavQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAkIgOGAEBABGB-xCQdUDok8__CLgAoBmAsByAsBgAwBuAwB2BMNiBQE0BUB-BYBgBcB&sigh=gxalkFMaaGM&cid=CAQSKQCNIrLMb78N8n9YL1baihSvAG8NBhCl_Zt1irvY-_N8piowJB5q7H2i&label=adresume

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 13 Jun 2021 09:19:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame F9CA 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 07:56:57 GMT
expires: Mon, 13 Jun 2022 07:56:57 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9C13 783 B
534 B 16ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2437d5358b0f94c325d25e3dc1cac8e5722400cc3227b46fcbe3c9afa554483a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HDRTkVGXNwL73JEOBT6SeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

expires: Sun, 13 Jun 2021 09:19:06 GMT
date: Sun, 13 Jun 2021 09:19:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HDRTkVGXNwL73JEOBT6SeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame F9CA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 19:26:57 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210607&jk=4018210866701090&bg=!jo2ljcnNAAY6sG-_OrA7ACkAdvg8WtKVNHEWjTtlo_idfwif5t0MH-5HNNz3kfLdIORhP6F_1QhgAAIAAABjUgAAAAloAQcKAJOQHjv1SLD3jPbeIf3ymOdMR4FX33p4eK0LxhaBxtmLkPKGR4A3gv0c-1FrDnF8XaWEGlGAI0_-p0ATPIXeCosLJqfvqPDMz9Ax1bnf0LjvEhIbxUtNVcfHJgxThQdzigId_i0ymsBwJV3-WaQJZC2AXH1Ab9qqFajT781OGH4LB8cmqY7XRTSXZ6cWq9gPISntJTeZAmkhL7eNk8eV_8Yit8u7cwAMtcOaVgKzr0AHGm2JYGxMvuEQ3Rm1ZgnZiKiapIOVfCxjqQ61Xe3QU8CWEevnJt_yjHeIzq7aI79RdhR3pU8N2xF3OUDPW467DteHRIWOidGbKeYfH9eF5PaDnltpT-T2EjLmZoRZs675kB1uT_mehlDw7SMa85mOfH02s-AQPkrtPK0bXtcWhnxJN5qgAxkFBB4GBX4RSA0BXJOmYZi1-RoeeLxCSHH93nJaZFHLx6ukUQdvwvO4t_6IbFIVXw6avlvjrMjHIjXeDaHmTka9kxdf9gDUArI5POB6o__0_uX2JpgyIpOafK02xizwOXzXK8lhjHM0xkaersLLErE5tZkXiYNU6ysb-L6EcRttvpkAagvlUE8bLBU35iFlV5OpSXKN8cNXEKowDWPKl46_uTUrP2jH_tUp-wZUW_Ycpa70OZcgxuCG7nFdw89v6TbUbosgnaEJgGmcDKwyD4dBhV6khGPnXhTPX6nlKpxtDEAkvHNsJvTTvSd7zMNNqSugURmdYimplrTieRnl2wk3q-VGpUw6yTGvb82Zhur3dQ51YTGV5UXKkRYTf8WspuHyOYITXrigzuuLrcIA2Y278V25LPQHbu8BDKYz8cXvFxFhhJGdiwMtThze436aUiVqlHiRRp3WJhS2MNWF7xkG0JQS-KXhhiDQ3DsNfohUz3k0hj8uLBw7zP5h4vWYD1k4vEbcYbCnu_U_hpKBXiL6yZtA3N5iujwDFyBhaIJfFWrLi_QYgSMjyHQt2GHnU8w63-bADD18an6824hG21OxWua2wdFI5iy4Tw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0A88 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C19A 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz6FTVa5Dg3fD2yx10CsJLqc03vs9bjqFabYqinR3OjGk5drDAMDCa4tR03TJGRl9lTtfK9M2E6JRRTDUQVjUzFo_dLub69ZJ5Su5AANdJO2eNknwGuQxBVQGoAA&sai=AMfl-YRX_Sjqcz-E2CFr8S-gviwNeKP407Wdp6LHyD7EYfZeU81rh5Thj1s8WA8iUmxOJIiG7LVreBas4wXd&sig=Cg0ArKJSzEnDh3TKj4hwEAE&id=lidar2&mcvt=1000&p=92,346,182,1316&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4009741209&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623575944839&dlt=607&rpt=138&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tv-xml3.php Show response
hi.ru/ 257 B
363 B 50ms
50ms XHR
text/html 2a00:15f8:a000:5:1:12:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/tv-xml3.php?idcity=524901&_=1623575944630
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:12:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 268515a8771eebdc7975a58053674b00057f3bb98f8c8e25c6c338e33dd58649

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ym_uid=1623575945267964133; _ym_d=1623575945; __gads=ID=2dd51e6d1805778d-22dc3150efc800f2:T=1623575944:RT=1623575944:S=ALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw; _ym_isad=2; _ym_visorc=b
:path: /tv-xml3.php?idcity=524901&_=1623575944630
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: hi.ru
referer: https://hi.ru/?md81
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://hi.ru/?md81
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:06 GMT
cache-control: max-age=0
content-type: text/html; charset=UTF-8
server: Apache
content-encoding: gzip
vary: Accept-Encoding
expires: Sun, 13 Jun 2021 09:19:06 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CAE9 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU8Nk0EEvoHPkVRfjKKk9p7EowyP9IVKE4S82T8G42-edKoR_eHcpLPw6Ve-4zabjXIzBrqsSkqEfSWCKwwsITlg6NxCxVxo5tWyQE3cpi17i_i2od2bpkEJ-HOA&sai=AMfl-YQ1UjOR97Mr42x4atgd9Q035VyDJkWuE9mJKuounTcDIdEAgxsw00eo_25r7HMW9_hG_FQkxJWH5UN2&sig=Cg0ArKJSzAt4cyQJDsxAEAE&id=lidar2&mcvt=1000&p=606,361,696,1089&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3361842836&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623575944850&dlt=801&rpt=130&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A88 42 B
64 B 34ms
34ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-z1zKOh-v2OvZkdDlII3CYZBbluA6uzntbWur6DvwkpWJKBfCYzHx61qnZbwu1CJxemX0jbNstajICFTPc65M39wYMF9NCTv8e0wqLW_8_DOtNNbD9-miqyk2Cg&sai=AMfl-YSMxuHAXSBq-GLQYiIph2Wk7TNRIBu6nhfOSYL9ZjmZr7FJfnToON3rjaZyi1YWmR68QD8S-8CoiSU3hTsGaYGmuRi8ox5CcVc&sig=Cg0ArKJSzNETpcDWQ8HsEAE&cid=CAASF-Roh8S8wZ079XtIqLnzj585bQVrJ_Qo&id=lidar2&mcvt=1000&p=241,1140,491,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4038436&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623575944899&dlt=749&rpt=81&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 0A88 0
17 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~kpuz75is&c=4968851668750&slotId=2484425834375&qqid=COGC2tujlPECFaxZFQgdvZcNdQ&dm=15000&event_name=first_play&asset_bytes=250198&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=lvlcl.kpuz75o2
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/506824e1a269747fdbfa68edf6a1b915.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame 7879 1 KB
1 KB 49ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b83cddbb8e637ed6bcce3bb3d2820d9f03af91f2c00b89e6bfe89afbb0b67c

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jn2e3aendqtfznjb6a9ypqhr3qmbrtgpr06tr0c90q5ts0ezjc44bpx8f797h6v8m2s8zsbrkmcrnd099dkrpg2xdmt0948xmj3nn89f00t47yy26mrk154ze8tnrd3qf8c16s9958ws60za8neczfy45yhjy9s94c76f9e4vnerq6dqph00t05yfwzmw1s7k6xv485g0t1wkycwxt6yha4ptnja0m1nrfrymbtxm55g4x9esm7ackeqn6y518pamrvmdfw6eyy0t40qa0y63x3rqg0kfq7ngam6vw3n5k33xdpnc40yk8she6m789cza3d9bvmz9ekgv77vpmsnbj13hjwv6xq4hyzztbrpsswbbp9xfwayj10ekyzt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 0aa644015500001f114c95b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WrigTbr45SXvD6wi1OjChzvLMeuVdDYLoEHJgvgEvUOcgWf0QTpFVv%2FWqTEzv0nNJH3IWanenn7zhqRfVQiwBoQ53dP%2BhoNm4TdwGBAIs2BX79AXlYRS3SkmmntADIp1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 65ea3c487edb1f11-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 77B4 1 KB
1 KB 46ms
46ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b371b3fd76fa1b0d6c636558f0cb4cb8a2b88c9f6df08904d43029ac1d4a713b

Request headers

Referer: https://ad4m.at/ad/dr?ed=1kbcfncq1y1drv4thaqwx4p6q526ezhaz15krcjdea11khy2dbq61x0zw5mnhw3c8e1cx28yz0zrzdy3sy8bb2sq6krtakr3p0pbmb1tt2fbkz2xb3h4949tscddxce33xfk7qb72ewx2whr4ghsapscaxkafxj0jh7enszt5sy8t80q34fzct97ee85chcjdeftsbqf1a61pkzhxq8sgnqbhjyf9vwnw29gm6jn6xmcwsembz7mj3ytbrqd8b9rx2akzx4erfgabaayhcysw9s4r6c5rm1856tdawt7f8ag10j5myk9dg1n37949b9vjdp80557hrw5c4vd94xgch9emt8xbd2dtcyadnbkkqc1c1fngdqaf2k5m17h0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 0aa644015100001f119b174000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GmsI%2BBeFr7TGuS3XURDPYwyw1bgGIwSNTwjRAz%2F1QW1bx75V8IUENSFwmxoDpAF5dciJX6EV52KBtZttnQ0AJmH1L%2BNIuR4k5ipUzoclodzzA6VH%2BTBUr7O7%2F7TDZlTH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 65ea3c488edf1f11-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame 91FC 1 KB
1 KB 79ms
79ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f66a7192d2f0324b121a48f1982f2a67be12c9cd7c7716f9d3aa01efc83f809

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jrz7a91bxc2z0b94ey3r57efzqqp5gx28wayxepsva32ps8thpp3h4pvyh9kq5e92ytpszj6vnkn7h90nhy3h94dtk34ctrwwd9qb6bhhejhqy01tm60e72qnqzt4psm8fkancnhka5w06m5gkbaxvrvj8jphe46fckh7qh2qbf69emv89rdevqehpq422qhme82e799kafgz6vmkmb4bhgtfrb6t34g8k7c8srg6kt19wp569jzhx52tsj8qbmyhyjar95jdpeyg66f177se4pxwwrjye6wg3aty48553mjrm9b6wk6svfv69zwfwns7qeqp8870bv4pjm0tf9ctsf22q3n0vep373crb2bj393t6g6hvmc42wdkgd4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 0aa644015700001f1141ab9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9EtaQXeEGQlH5sC%2FPacwsVo3760g9yABgN1DCNZKbnlHUsyXGJUxubYTIkZScqXy0ybD0PGM2Nl10MqzbTnoURiokGotcTsL0Sf9q%2BNmOSYajUimKsXvO%2BvzY6dhPqnR"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 65ea3c488eec1f11-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame EB1C 9 KB
4 KB 37ms
36ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f5722af65e998ea09ae660dd2621acabee7475e128027c69f8659471635fcd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa644018a00001f112e38e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c48dfb11f11-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 742F 9 KB
4 KB 55ms
54ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7460fe5ae4f29f4bb796c5d3f06f846022d5bc592649c7eb82090df1430fd41

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa644018800001f116f3a4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c48dfb81f11-FRA
content-encoding: br

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame D406 9 KB
4 KB 66ms
65ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

755cd5b67c8c19b563be5648a17f7e327f4c5f59bdaa7b3e1f1f29518e293055

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa64401ab0000d6d1a033f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c490efbd6d1-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame EB1C 59 KB
7 KB 63ms
63ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 946878
cf-polished: origSize=60706
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 0aa64401c60000d6d14c8a1000000001
cf-ray: 65ea3c491f0dd6d1-FRA
expires: Sun, 13 Jun 2021 10:19:07 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame EB1C 18 KB
19 KB 18ms
15ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 304966
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UyhRPxWLzFSCNlrGuaU1AmZVc66ckyfiq2dkOcMzqZs09xFMcK033SWjozGW1eUYo6oWBm_kmbpz-aZEXg6aFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
cf-request-id: 0aa64401ae00001f11a53d8000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QwbdBkFoon5OFonqsKO7ncBXRSlMqYG3MP7Bhl0uILqIcfJxb9aEtCHLLM6LBe9ifydV8gO%2BeTkZSAIqQwAvK1RYWhVAgwbJ%2FOmBFFWEhKenSp6pXr2CRhkPaGZo6smqFPSOVV%2Bngw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 65ea3c49183f1f11-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame EB1C 2 KB
2 KB 18ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 301297
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uzreu9CvGthlP_pIs-Z_vTmQCgPXelW6kYRYNzLetN9fW6t8dmxsqwdbh84J2GiBSUNEQWqlNPgHKTIMIx9kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
cf-request-id: 0aa64401ae00001f11a12c0000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MUKV56hNVcecSXVXJsoaLgEyWz2yPUMJPMXB9pZyqNp0FEmzM87D3%2BndPbxzJs5T2t6cTNSk5q6sGnWtolbD2AmaeqSB49zpvHfY%2B2sLWypAEN31a49ZvPr3TIOYa8Oz9WpPDmLuoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 65ea3c4918421f11-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EB1C 43 B
702 B 108ms
55ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame EB1C 38 KB
39 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 303679
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzr0EZTIv6pOlWGMgCnZcV3MGJplnutecQHagh-_nZW8krEyfduo6riFvizPc2l-swXADlCTT4PS9XPCIAGK_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
cf-request-id: 0aa64401ae00001f1141ac5000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pRNrW4yEdjDICYLeBQVqlr7e2uQ%2BPgyd9%2By5ocgqGispNiwFKnkjxoN%2Bs%2Fe5cX%2FIeCbn925022FdQAXFxd%2FCkOtx%2B4wdvPltArDb2OTuK4Y02pgW2kUjLi%2BlVBejfgBuKgLJYMvSjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 65ea3c4918461f11-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame EB1C 113 KB
113 KB 33ms
32ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 298131
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UwTiWM0sSDXjOVudxEcMPfTJw3f31CFwdTo34aMqGsdDgCq7w-tbTAMmQZI5dJkrVqWCh5VQKcA7lEEeFr0QZg5kNjhzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
cf-request-id: 0aa64401af00001f1179893000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pVloAeStsvCnUO%2Fr2jx0UxPOSo%2By%2FPaOuWRlSrSrptJup%2F3L88F1UcxMpl075doCeJ54X6D49m0RGFNwcoQ7h%2BzcTt0%2FTD0nXKlPyhnkyvllwZSdgYDSjmPINsqzrPJyPFbnfJ7O7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 65ea3c4918481f11-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame EB1C 43 B
703 B 104ms
51ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame EB1C 38 KB
39 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296508
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz_yiSFar8GZ6iwTnaXe11d2dRzGawI2yk4fU5eaGHJ-7skv4UDSnWWd_OoQfdMsc8UCaeD-u6eGKdm9hcKt1M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
cf-request-id: 0aa64401af00001f1135333000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wIxwBfuG6LfYMfAhx3zopClLqKgz4oqvTUw1dvc%2BV7v9ZlBYtYgC7%2FJlnycgNuHznqQu9HSZaVqxloEOP0dWrY5%2B7hb110x%2F8feaPD8tqSXGcDNfD4%2BrrpIvP%2FtbXAXMLGfLItY0Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 65ea3c49184b1f11-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame EB1C 84 KB
84 KB 18ms
18ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1772500
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
cf-request-id: 0aa64401af00001f117ca6a000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q8Leif7brUlGfYhCRmRqFlyqh2czlcA3jQMAhMkoEAPLzPESXP4nNCSTFK5DQAHAO9XbmMdJrDAY6Dw%2F9R0pFfCJTws2vecL3%2FUVVuu0HD3%2B%2B%2BhMXT5r4ZA9lR2GTLx2Bk5oIzvk6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 65ea3c49184c1f11-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 742F 59 KB
7 KB 43ms
42ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 946878
cf-polished: origSize=60706
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 0aa64401c80000d6d1c21f3000000001
cf-ray: 65ea3c491f6ad6d1-FRA
expires: Sun, 13 Jun 2021 10:19:07 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 742F 18 KB
19 KB 43ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 304966
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UyhRPxWLzFSCNlrGuaU1AmZVc66ckyfiq2dkOcMzqZs09xFMcK033SWjozGW1eUYo6oWBm_kmbpz-aZEXg6aFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
cf-request-id: 0aa64401c80000d6d1b5060000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PSZTFRzh6zgNRXURcfBYaNfZVTlGdsWmR%2BDW%2Fjd8TKqXgG5e5YK57DMBHgzjBKfMg%2BPmoJp8CsZgkqZ%2Bm34yFaJGEFLOvGW2d%2BiOA6F0tUlkrCD3tKhHJfwBLJgbPvFDoHWBp6XizA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 65ea3c491f6dd6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 742F 2 KB
3 KB 52ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 301297
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uzreu9CvGthlP_pIs-Z_vTmQCgPXelW6kYRYNzLetN9fW6t8dmxsqwdbh84J2GiBSUNEQWqlNPgHKTIMIx9kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
cf-request-id: 0aa64401cc0000d6d1ad292000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JpPgLairWnWaS9JnH3x3BptLQnTz7v6LoKOGvZ7Y7ynb3fqQ6stsiJ3i8kVeTvDzExFFT2wQ7oM%2FuKx%2FNLqoKci0m52HVmZUbrfKybX9HxwkZsBtJiEvmgm3MJYW4gjXPbpmDIetuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 65ea3c491f7cd6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 742F 43 B
702 B 102ms
52ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 742F 38 KB
39 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 303679
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzr0EZTIv6pOlWGMgCnZcV3MGJplnutecQHagh-_nZW8krEyfduo6riFvizPc2l-swXADlCTT4PS9XPCIAGK_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
cf-request-id: 0aa64401c90000d6d19abd6000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2qaoDaB6M5gGbH8AN07LV5khsA6LNkwtopf%2FEacfdivXzLTIvIohvw%2FiHQu0rpGljge6QYfM3NwlGqa22bND9KlpH972AfVzgOKoRJt7JAKUvKq56MnVkI1XnXPgVDLb4ywzc04dBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 65ea3c491f70d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 742F 113 KB
114 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 298131
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UwTiWM0sSDXjOVudxEcMPfTJw3f31CFwdTo34aMqGsdDgCq7w-tbTAMmQZI5dJkrVqWCh5VQKcA7lEEeFr0QZg5kNjhzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
cf-request-id: 0aa64401ca0000d6d16128a000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q5psMC%2F1SJhpNMkADLA1jYNUY47UREO3Tyu0F6gDK5TGXpurFrF%2Fpf0YvhsFubYU4iLWkyEJVxBcLt%2BaHublwUDGOd7dHh3cTxa16Wm7ytjZn6agRWbH4lupoiU7ohhHDE1d1Q8M3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 65ea3c491f73d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 742F 43 B
703 B 110ms
58ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 742F 38 KB
39 KB 46ms
45ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296508
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz_yiSFar8GZ6iwTnaXe11d2dRzGawI2yk4fU5eaGHJ-7skv4UDSnWWd_OoQfdMsc8UCaeD-u6eGKdm9hcKt1M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
cf-request-id: 0aa64401ca0000d6d14932c000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hilo%2Fk2HvIKZ%2FoNWOYrWjouX7N60i%2B4QCH%2FiV8GvpaRjY8Jy1D6LxXcX6DpTHl%2BQh857nCHyhvjCHJXnDVDJQ6ejUa1vqJd0uShp2Q8H7d6oFiSssNy2grveCnb3XKteqityQkcD0A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 65ea3c491f75d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 742F 84 KB
85 KB 32ms
32ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1772500
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
cf-request-id: 0aa64401cb0000d6d19b8ff000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PpSoOvsw0p%2Fghfvmwk7lvNvwkxpsoahPKK%2F5ueqlhAeypLfzVW%2F9fQhRjJAstp196IYJhRCFDe81%2Box56A1kxtI%2BNZDceC3zgpB%2BFFik1EnHeokedD9rgR8s5HqHBqXk1XE8pw2B8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 65ea3c491f79d6d1-FRA
cf-bgj: imgq:85,h2pri

POST
H3-29 200 rs Show response
ad4m.at/ Frame B96C 1 KB
2 KB 206ms
205ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5832959bcbcb0af1b7d9b6a18ad3592317ed6f4843d8a4a450d1e33a45404214

Request headers

Referer: https://ad4m.at/ad/dr?ed=1k88x1x9dfsam4n4wqsw2kjrxe0xme16584eeh6a83f0tr3grkwk0srjhw530r3t6j7njj15x7nky27tbexbg7eg41mejffh93g443efs09nvf3hm6zt5c75q55jv00tkdw3ezdrdpa3dhmnf2pwett7ah7j5ssvb7csfp1497ecjz33c7eqytgdk4zap6ss7crkh60ypr98kv0b003z0y5vrth2pbxn8xac7tqs23y1pcs0znbfrba7tka9wn6vt04qthq2y75xhjfzpp5fz75gg4fbh4yq2cz7bsyekmshjsqtxp87pj9343b1w90n1aq7tzbn55g3cs3v8sq19jtx6wrf2x2qd1ymxk7404zg3m370s7mhqpcvqrae&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 0aa64401f50000d6d1c6bbf000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DjvTB0zLefWDksv3m2t%2F1wgPWsd%2BL6Y4j9norrQu2Ob9iHVH9lcnjgN5l7aA0Z4IMxlIJv36uzMawPRXW0cdj%2FfoV2xcGKAig4So91fHtsTNPtQ5K0DOP4UZL6Q5tQg4"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 65ea3c498fffd6d1-FRA

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 742F 12 KB
12 KB 251ms
119ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 157887761a6458ceb45eab50595a7953ef8a1c589071a66dc5ee88132a1ee332

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:07 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame EB1C 12 KB
12 KB 244ms
110ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: a44a3a6c65546d76c462995523b52dbcb211bcd3f0d5cccf961d3ea389eb8adc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:07 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame D406 59 KB
7 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 946878
cf-polished: origSize=60706
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 0aa64402110000d6d15397f000000001
cf-ray: 65ea3c49b856d6d1-FRA
expires: Sun, 13 Jun 2021 10:19:07 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame D406 18 KB
19 KB 29ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 304966
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UyhRPxWLzFSCNlrGuaU1AmZVc66ckyfiq2dkOcMzqZs09xFMcK033SWjozGW1eUYo6oWBm_kmbpz-aZEXg6aFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
cf-request-id: 0aa64402120000d6d158294000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t%2BLc1jbu0LHhWME2eNetj4ehnYqfzjv7dK9HpRXw8pNxUaagGQg8qWD9tacyJvsu4btwN4vkLoFKvH2gMwisSEwenf0R7A3BCpsZhYw%2FOytSTRa5ZRdvKo94P6V9A06kxujezzYxuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 65ea3c49b85cd6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame D406 2 KB
3 KB 28ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 301297
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uzreu9CvGthlP_pIs-Z_vTmQCgPXelW6kYRYNzLetN9fW6t8dmxsqwdbh84J2GiBSUNEQWqlNPgHKTIMIx9kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
cf-request-id: 0aa64402130000d6d160a19000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rTUBg%2BnWkQeV7xSb7%2F9agxtwXBs0GbShJQuq7QT2YIasbgXfFhF1fF0GKTQFOTh1O%2FPs9AVlH5c7umaP3hBNP8%2FHlBYU%2FAfVotipNZTsTyLgpXV4XvABixPe%2BsCMIyYCyH6Ha0WqdA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 65ea3c49b85fd6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D406 43 B
702 B 57ms
53ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame D406 38 KB
39 KB 28ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 303679
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzr0EZTIv6pOlWGMgCnZcV3MGJplnutecQHagh-_nZW8krEyfduo6riFvizPc2l-swXADlCTT4PS9XPCIAGK_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
cf-request-id: 0aa64402130000d6d14c8a7000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hCeKW9zaVSubNFnb13Mwjue1fEvc8i%2B7s2XxqtrcNVCfjLNyK%2Bk9EaS5Vm%2FqycfdV1B8Va5AzAcyA%2FlzvcWnkDv%2FTkViBQsV9T%2FRTA7beIimSrFnlI9idN%2Ft1HVYBwJpw3BBVIfL%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 65ea3c49b863d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame D406 113 KB
114 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 298131
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UwTiWM0sSDXjOVudxEcMPfTJw3f31CFwdTo34aMqGsdDgCq7w-tbTAMmQZI5dJkrVqWCh5VQKcA7lEEeFr0QZg5kNjhzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
cf-request-id: 0aa64402140000d6d1b60be000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=itxCOQ0eVyMiqc%2FDSIbPEGfMRKQqCCMMIMh9Bm4JnwFwz6kFsF4UaY133%2FzTO%2FjMSx5lVT7hlMDah8ASYlkEmr7JzN18lH3HQ5XmB46A0KLrER6u3fVrsjeIgSOcz2sU4%2BWlNtwOtA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 65ea3c49b865d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D406 43 B
703 B 62ms
55ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame D406 38 KB
39 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296508
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz_yiSFar8GZ6iwTnaXe11d2dRzGawI2yk4fU5eaGHJ-7skv4UDSnWWd_OoQfdMsc8UCaeD-u6eGKdm9hcKt1M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
cf-request-id: 0aa64402150000d6d1b11dd000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oi%2BO8AgcMuGvYlzMAgzhU01E9kVd1f%2BjyMFDximb470PlysLMGT%2Fc7u3c%2B63QoJ6YvMXQXJd4WJ2rQiazZtKxuP3f0BSWXrlwObmen8kJx1Tf4AvK9QMpUy3aSJ9MSN6fgSKclxEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 65ea3c49b86ad6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame D406 84 KB
85 KB 30ms
30ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 13 Jun 2021 09:19:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1772500
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
cf-request-id: 0aa64402150000d6d174b0c000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=un3DtMmU%2F1rDQrlXsTBn2zRuYcmWZNt%2BbaDuz9tHIJMnPwuAUbAxexwsEIYFa8kHnWP5iwIQSYn9f1diMwq5vcvwSzovgUQoyN%2FtUNqT5uM1kH2sLP5mVVgFX5UGT5VhJPty7SNTMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Mon, 14 Jun 2021 09:19:07 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 65ea3c49b86ed6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame D406 12 KB
12 KB 237ms
108ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: dc9493114e04d4018faf2eee12e319b931cd64574eff8c932cbb58d6ba12b424

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:07 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:07 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 rar Show response
as.ad4m.at/ad/ Frame 3699 9 KB
4 KB 32ms
31ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c70232b69b2ca3f9e8159217577ae39ad168b9c8e6d24c8aa834aacda078b5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:07 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0aa64402c50000d6d149342000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ea3c4ada9ad6d1-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 3699 59 KB
7 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 946879
cf-polished: origSize=60706
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 0aa64402ea0000d6d149347000000001
cf-ray: 65ea3c4b0b1fd6d1-FRA
expires: Sun, 13 Jun 2021 10:19:08 GMT

GET
H3-29 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 3699 18 KB
19 KB 35ms
34ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Sun, 13 Jun 2021 09:19:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 304967
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UyhRPxWLzFSCNlrGuaU1AmZVc66ckyfiq2dkOcMzqZs09xFMcK033SWjozGW1eUYo6oWBm_kmbpz-aZEXg6aFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
cf-request-id: 0aa64402ea0000d6d16627b000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G4XPSQlZZ2QmA%2B9Pi2nD1kUTNbg0hj48FUCd9GokHhrikKMf%2Fh5qNfW%2FqBQR0nnOQ9X%2BJ8mI4cF02Gjd3y3zlWrp%2B11mfDoyoYpJ73Ri7IxGSWQMIsRlx8liJh4qddqOy33BWoqw%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 65ea3c4b0b22d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 3699 2 KB
3 KB 22ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Sun, 13 Jun 2021 09:19:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 301298
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uzreu9CvGthlP_pIs-Z_vTmQCgPXelW6kYRYNzLetN9fW6t8dmxsqwdbh84J2GiBSUNEQWqlNPgHKTIMIx9kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
cf-request-id: 0aa64402ea0000d6d177059000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C8LS3hzI%2FUlTL1XH6IJGvHqb4gbr8YKboZ0wN4xF9RoXicfSSG1KmIecKYjrvVVeCVjCyKGQ82E4OxQ%2BsAQZOcD9d27y98O24xaZqSjuL%2Fnwz069HIT3dAIdKFFrzVd1wAFYOjXqfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 65ea3c4b0b23d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3699 43 B
702 B 109ms
108ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 3699 38 KB
39 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Sun, 13 Jun 2021 09:19:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 303680
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzr0EZTIv6pOlWGMgCnZcV3MGJplnutecQHagh-_nZW8krEyfduo6riFvizPc2l-swXADlCTT4PS9XPCIAGK_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
cf-request-id: 0aa64402eb0000d6d15b3e4000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nOOx5zcGThxsQpjOCdeeT8CJxKsx%2FIsThI7mSvRjhb94zuN8KqDRR6NFlEn5%2F8MiXWEppf2wmQcSydcG4wWRnWqQrLV1%2FadXhs6jYu23DZZeN9Q0JF2GRSVimsynTxZdJeJxdAj4Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 65ea3c4b0b25d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 3699 113 KB
114 KB 23ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Sun, 13 Jun 2021 09:19:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 298132
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UwTiWM0sSDXjOVudxEcMPfTJw3f31CFwdTo34aMqGsdDgCq7w-tbTAMmQZI5dJkrVqWCh5VQKcA7lEEeFr0QZg5kNjhzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
cf-request-id: 0aa64402ec0000d6d1c1902000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F0bIlTL05GGY6M%2BMAtEzEYW%2BWyj3s7CjBlIhBjDuIU%2BJ4xG4U41%2FzLVx7dlAU1uXnWWUoFj%2FBv1GjJLYAteE8dfQTKFDzbQ%2B2UgVM75HacW4UyhQPt0QioqWiXxG26ms1zBSW5cN8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 65ea3c4b0b28d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3699 43 B
703 B 59ms
58ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3-29 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 3699 38 KB
39 KB 41ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Sun, 13 Jun 2021 09:19:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 296509
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz_yiSFar8GZ6iwTnaXe11d2dRzGawI2yk4fU5eaGHJ-7skv4UDSnWWd_OoQfdMsc8UCaeD-u6eGKdm9hcKt1M
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38696
cf-request-id: 0aa64402ec0000d6d1c2203000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YJUTWF6OjoM8M2in4TVjVlBffRemKhW%2BOPNk3%2FjHIFuabIEM%2F36X0eNnmoaEcMRZi5XiebzPgduB%2Fdt4uBqM%2Fb8PTQPTpAuYPUiTbcpJO24YX1kg0dBwd%2BKG0VjoaxHWkmn41t5FmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Mon, 14 Jun 2021 09:19:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 65ea3c4b0b29d6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 3699 84 KB
85 KB 25ms
25ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Sun, 13 Jun 2021 09:19:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1772501
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 85604
cf-request-id: 0aa64402ec0000d6d15634e000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n77oESFKqvbQKKzK1P3Zti1p%2BeLVQQrD3E1qPznIOZ9R2TFtpGyL88FPe7qUBmNNTpmRnlfP8RpumebDQkLUkp27iQWmvbptdmAtTZLJzOYCb8%2F9dHF9s0DyYYmY2TIAGLILPNVuzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Mon, 14 Jun 2021 09:19:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 65ea3c4b0b2dd6d1-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 3699 12 KB
12 KB 174ms
107ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a40ab1f4f8182464c8af8204f7893311%2F8077710057445629318&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21r141ba52s0mggdz8ds52xcgwessgkry6ykwd6ftq8ehyzcsbae7wbt0jppx72ev9kz1e0zf4ne297qq42qcsjcxshbpw496nz5fv752vt41q75a2rch6d6d3f4mx0z86667re2k1gw927xsg4jkbcz24q9jd18rpczzaq0ha5e4j20gsvbcbd56hfsec5anr84c1cdx7g9ms9kw8xsr891nn36pne2ntj8s6xaxw6h864w29fg8wbf7kpx6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC3XRHic3FYO_DAbC_1fAPlKSDoA2Q4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJ8BT9AagWgXyC3rTUX43qzG-2zdkHNkl7rDeT7aqOs0oTbS-7ITxLg6c04GsdUxGzkbMww0V43NFQ4OjPHgZIeMsJtj5E3tFLGubMEdrYIzMz2htBdLFpFp-6EARKI-PAHzcW_8VuLUbJqiVRWGsT8w542Hd6oORDUDS4-6Dk1rGD-rsHDTn2zP2BmU6huEcp1WxU3bwp6-mQ-73wt2esIigAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3LRVAQXXDDOJkAlPntMQsgWS4-CA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 35e180aaf3576afe58fdeea6774dc9ea48aabf5e5884f8bb85c5c3afbc0a24ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame EB1C 60 KB
60 KB 81ms
22ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:10:28 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 83321
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: uWGwpeiJK7dFx6P5ezzwvjUI6TOMQsNl8_1psGuA3Lu0RZLaNDly_g==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame EB1C 79 B
374 B 139ms
47ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=78a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2pW_IRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtFMk.Nk4Jk.seI_FeAiwdMtTny6fwHCSFQ_01kKJA237lY5BSmVjMk.7.R&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221623575947%22%2C%22%22%2C%22%22%2C%22%22%2C%221779095947%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=21ff99e196c837efee6a7367b3e6f14c&userIP=37.120.137.158&doAffectv=1&wgtime=1623575947
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame EB1C 85 KB
85 KB 109ms
41ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidpA9u1fgfj9WfKC4HmtztQ7Yhbt7tERYoneid__asuidDkJOmz9ZqN93UcweNwDlAV_adU0a6Ym_asuid__webplexmedia_advancedad_Desktop_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=8e1faf255776ce9546f249160e96b4f1%2F10861319646914608648&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23m7ncn4qdmcb7eza67aa53e597nse5t2wafvyarq38sxgfe71m651vjyx09aqj5a51etajkx76f412f4r8swp5m25bk4z3k6q6w6djc6yh6z6fbsbggmzwh69346vt2gq7fg1r4g4bngtfqnxyxeavw4pdxdgekgwarchpcfwf1np341q7zz7ayrqkz8dc4fcf6jpx29zy56fvxf4j6sxjcn8wwc9vt6q5dqm1bnydcm2rg3m7v7tnzapfjc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVkU4iM3FYNmZOfWAmwfUh5voDpDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJ-xh6nqVC0PqgDAaoEmQFP0KYC3ptErasaOXsdsQxeeNdutTl1-hHZtgfmKu-SCYCFhL6cy44dEZj5v9BBh3s0PkWyRaIVG7vvJxARddvs-X2O2q8U4tzfHF2DJvjE1ojUKONsQcKWcpj6-8hNyS-MQj1BOaCHPpgwubzR025BFBS0fM4V630tg2vAW6qW0jSMJD4WVViqU9c_y9PuVyqjDvtAY7w3LDmABri9xJPIlNeinwGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-WuoRKcYikv0BKIiRSntIQZQAZA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 742F 60 KB
60 KB 59ms
22ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:10:28 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 83321
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: Uh6JgsP1g4pE1eka9ojS2lM_5phegYcdxBnR6HtyWe4zUeILdDcfVA==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 742F 79 B
374 B 135ms
45ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2pWu_iLs2dI_AIQjvEodUW2vqCRc7L1eLY6SKw.5B0KB.D9ZtJ9Xvj9KyMgzWuz3YMJ5tFFg4K1kl1BNlY6RcApw..1M&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221623575947%22%2C%22%22%2C%22%22%2C%22%22%2C%221779095947%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=21ff99e196c837efee6a7367b3e6f14c&userIP=37.120.137.158&doAffectv=1&wgtime=1623575947
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 742F 85 KB
85 KB 109ms
41ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidpA9u1fgfj9WfkH4HmtztQ7Yhbt7tERDoneid__asuidAklnECgmAPH0fz5899NvobNY3a4NWe7Dasuid__webplexmedia_advancedad_Desktop_160x600&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=393bb7ae85e12689e869940bcc0c3ec3%2F12249013614412647910&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D238ay4mm3y4x7y9p67zg6ya5z7p96fqh0ymjaxnw2jhdpnnkf5zzmt19hp1teef3men57n6v7fztc94zr6zpvfwckntnenf6k1axp9xw8yk64v8zzm829xqnwjs1a6cq7fees65a1a06mf01cap0bjg1aqmahrp6n3r6fj9rk95qz9ankvejx8jw1srmyyyaa5ad1c6fya3tyezzwyvferbe2ass9jezwhq3h3w8de07c28ns4zjs9xve5s8g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVj9diM3FYOzxO8KX1fAP5-W9yAuQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BzBjhM3RaKqghkQMDp5USag52pn5sIBEiUqCFzRJE0cYEMQ0DT2zEH3EsYmJgy9BvV2hIx6y8S6aDWE4RA7DQyFSRR2MnzaHUdNzoivNUQiXrjx_nIpC4juU1Tli2syDDsajsulcVS-x4E3pdtq7ByZMfwgtaJU4aqVI0B_8380YsDzV9XQ3I4mzXWpM5zH3zaUa2eXzP-gAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1bSuVx4fx60FkdoTogeBUh5B2q_A%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D406 60 KB
60 KB 48ms
22ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:10:28 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 83321
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: G5gUYfFKHqs7mplwVHtsZqzETKZioUq28XjjTE7X_k4Luopah_kfPg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame D406 79 B
374 B 145ms
45ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2pWv4iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KB.D9ZtJ9Xvj9KyMgzWuz3YMJ5tFFg4K1kl1BNlY6RcApw.9Yl&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221623575947%22%2C%22%22%2C%22%22%2C%22%22%2C%221779095947%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=21ff99e196c837efee6a7367b3e6f14c&userIP=37.120.137.158&doAffectv=1&wgtime=1623575947
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame D406 85 KB
85 KB 105ms
37ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid5kZuXfEfKWkapH7HMt3tE3QabtktVjeoneid__asuid7UwY15YR7vbLA3QTNQ0nTRRcq9efItHPasuid__webplexmedia_advancedad_MOBILE_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=a265e562a8211212300e76edc63b59cc%2F1539126961724858860&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23pdetxf7wvt7dzsvtax8qkza6sb6p85pp3t33k0baz19gcsm85maxww9kd4cp8dj4jv1q9hk9m65b8hd78a8qe31mvb2s8xb844e08n1t1cveb7acg0rphvt690xv3pm2ytr6dc026kzaqc9hh7z08x0map2bmm4jksp7cecpw14b5chdxc5sepj39nba8zg16v6av6hcg1jt71fsytqyg0v50zrw6sx3133cmvtd6sh6r2hqrsmkhd5dmqa%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6E0Eic3FYM6FAeaI1fAPqoiv6AeQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi01Nzk4ODY3MjQ5ODg3MDMzoAHCrujdA8gBCakCfsYep6lQtD6oAwGqBJkBT9BR-4k7Vc1wNrIgb4aQuwLE2WoFlJx4W98edn37jtrlHC4LJBXdZ9MIqusUrBGUTz5ZKGY2Txx0IV1psSJWquDzvFsed1zPmzvAZSsxvM144mVnp2NhrK8zRfylsSa1U-P1wQzSqr30pxdq7-nERKvFDEBjvQ0ISuiwhGD-lanNqDBrQSdD-4XM4nAvSanhsxl1JBs1dcIfgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2fN2HipuqH9iwv_xDnA5TJVbaweA%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame EB1C 63 B
270 B 178ms
50ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2p9.hmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dV0lJb9WJMStHjmxbwEMsZPuVr914VecL57GY5BNv_0TjV.1Vl
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 742F 63 B
270 B 184ms
49ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2p92fRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eN.RK8mcK4rTJfwjOz2py85icCmVWN9e4WX3NlY5DtFMfs.EOu
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame D406 63 B
270 B 190ms
55ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2pA9atQVD_DJhCizgzH_y3EjNpmVWN9dPBSqB.5B0KB.D9ZtJ9Xvj9KyMgzWuz3YMJ5tFFg4K1kl1BNlY6RcApw..5Q
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3699 60 KB
60 KB 18ms
18ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:10:28 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:27:08 GMT
server: AmazonS3
age: 83321
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: SWVwRhwmkZ5UMOua-YHpvCwWVnXbokYHZmyN9zdBRL7yHyjShOXhqQ==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 3699 79 B
374 B 103ms
44ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2pJQhRhk6Hb9LarUqUdHz16rgPtFFg4Jh5Dufs.BN1eN.RK8mcK4rTJfwjOz2py85icCmVWN9e4WX3NlY5DtFMfs.4Il&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221623575948%22%2C%22%22%2C%22%22%2C%22%22%2C%221779095948%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=5b9bc638aee737727007e3d1de1c4726&userIP=37.120.137.158&doAffectv=1&wgtime=1623575948
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 3699 85 KB
85 KB 105ms
38ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid5kZuXfEfKWkapH7HMt3tE3QabtktVjeoneid__asuid7UwY15YR7vbLA3QTNQ0nTRRcq9efItHPasuid__webplexmedia_advancedad_MOBILE_300x250&wglinkid=713569
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 09:19:08 GMT
Last-Modified: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 3699 63 B
270 B 117ms
50ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Za_Cq2pKpNAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea.64HRe4GSr_9zAqUkxUXGfe2Rc7L1eWNNW5BNlYiJ4uy.0DI
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 13 Jun 2021 09:19:08 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 118ms
36ms Preflight 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame EB1C 16 B
232 B 69ms
68ms Fetch
application/json 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame EB1C 44 KB
45 KB 19ms
17ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:58:40 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 80512
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: pEkfe7-XlQywKNTmj5WSDxA4vlqQ4IhkDQPIc_fckuGk7beMtoZiAg==

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 115ms
36ms Preflight 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 742F 16 B
232 B 73ms
72ms Fetch
application/json 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 742F 44 KB
45 KB 19ms
19ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:58:40 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 80512
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: C_nysWTAMD9Urfsns3lR8MpFZzWrKJd6u99GnIglwVua-yTgn2k2-g==

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 113ms
37ms Preflight 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D406 16 B
232 B 76ms
76ms Fetch
application/json 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame D406 44 KB
45 KB 19ms
18ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:58:40 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 80512
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: I63mc7YeAUW4sJQFizO0yIUThcjoFpJQ8X-BK2TnT9TEco6VhlFJyA==

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 104ms
37ms Preflight 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3699 16 B
232 B 71ms
70ms Fetch
application/json 54.73.127.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / PHP/7.4.19

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.19
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 3699 44 KB
45 KB 18ms
18ms Script
application/javascript 13.225.74.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-57.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:58:40 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 80512
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: AuNGRdN3RUl9Y3y1gCvnjAfoyElhipHKPa7Cbk7vK-R6AVvZTxdIXg==

GET
H2 200 tag Show response
w-it.m-t.io/ Frame EB1C 18 B
122 B 48ms
27ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1623575949048
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: aa7ca7912f598a6238f06fbd11ea9347
cache-control: private
content-length: 38

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 742F 18 B
122 B 45ms
27ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1623575949051
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: fc6b8a4e1e2f3f52409ef2dfdc243b0f
cache-control: private
content-length: 38

GET
H2 200 tag Show response
w-it.m-t.io/ Frame D406 18 B
123 B 43ms
27ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1623575949052
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 2ebade56b9bf290c4e9238ee15f07234
cache-control: private
content-length: 38

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 3699 18 B
205 B 35ms
26ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1623575949059
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:19:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: e38758edc944f8e57715d4f4cfbe9bc7
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame 3699 0
74 B 25ms
25ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16235759481216_3ffd69a0f4&programId=12607&expiry=1779095948&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 4f94e8b8eb4143e76b80bfc083abe647
server: Google Frontend
date: Sun, 13 Jun 2021 09:19:09 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 track Show response
w-it.m-t.io/ Frame D406 0
72 B 33ms
32ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16235759479745_7e44f7375e&programId=12607&expiry=1779095947&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 9ab9c4aba6acfc8c2f87cb8b30e1c28a
server: Google Frontend
date: Sun, 13 Jun 2021 09:19:09 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 track Show response
w-it.m-t.io/ Frame 742F 0
72 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16235759479335_aed47255ed&programId=12607&expiry=1779095947&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: fe4c208d562185c76755bf633057cc3b
server: Google Frontend
date: Sun, 13 Jun 2021 09:19:09 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 track Show response
w-it.m-t.io/ Frame EB1C 0
72 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16235759479397_5c4ac9bc29&programId=12607&expiry=1779095947&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 952c2bf1a4ff5b3a588ad0cdcfcfc078
server: Google Frontend
date: Sun, 13 Jun 2021 09:19:09 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0A88 42 B
212 B 25ms
25ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0A88 42 B
210 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0A88 42 B
66 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0A88 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1623575944&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623575944734&bpp=1&bdt=383&idt=118&shv=r20210607&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=8780533843875&frm=20&pv=1&ga_vid=2124540703.1623575945&ga_sid=1623575945&ga_hid=1932471901&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060614%2C31060957%2C31061406%2C31061048&oid=3&pvsid=4018210866701090&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=tgFdI5sdqg&p=https%3A//hi.ru&dtd=164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 09:19:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tv.hi.ru
URL: http://tv.hi.ru/tv-xml2.php?idcity=524901&_=1623575944629

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESELnLyhV7kosFRFhHeGDTFg8&google_push=AYg5qPK82B5kQG8RYONCJnb5Kz5FF28oYsGto80l97cOma3oN3wJ8PT1QgGF8zK38TCaPE-6w5K7XqDbQgwSvd56VMjQXAwkV08

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEEmlSUIngJYQytqhvHyQnhQ&google_push=AYg5qPKsy7-_x-SjUrwhkTQ3KBUv7Fnuc3s7gJpA4K_mRcNsZPU76ezL36Mrm2RLZuo9hl111D2LwsOiHpbQClkZ6F48_1OPAi4

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_push=AYg5qPKRuESEcGDtdHdN8WPuFPjt8npMc5sC_VNBxFeSOmwaDiEGuAM_9_BaxrRoSVsO-xgABOcxk-3ic5RkkYdDYJcuT3Zd49A&google_cver=1&google_gid=CAESEP9s44tR6A0LKneIYoWzZzg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMXNiTxfEuWxcmLrd_IfMQAABLEAAAIB&google_cver=1&google_gid=CAESEOkqqyTAAOD1qHuknyvuEMs&google_push=AYg5qPK8LkDSrFV7vyZHXVF6S-WeIt-gkcwsoCpYwm714qFa6EgMq8vtj6WRPQn6ppAq63SwQNgvP2sVAAcRipLKp1ODT74x0VU-

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:59:36	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 04:21:11	Name: IDE Value: AHWqTUna2ZUHZsN7DpiFtM-nr49FkGa7X0j1S66ZGc0C_u4sW9FJiqGmkjHlvA32_hE
.criteo.com/	1970-01-20 03:45:11	Name: uid Value: 733bee46-2e38-4bcc-ac29-ccb13a61b958
.hi.ru/	1970-01-19 18:59:37	Name: _ym_visorc Value: b
.hi.ru/	1970-01-19 19:00:47	Name: _ym_isad Value: 2
.hi.ru/	1970-01-20 04:21:11	Name: __gads Value: ID=2dd51e6d1805778d-22dc3150efc800f2:T=1623575944:RT=1623575944:S=ALNI_MYr6t4sYnYkYsZcZRmIT659udaNSw
.hi.ru/	1970-01-20 03:45:11	Name: _ym_d Value: 1623575945
.hi.ru/	1970-01-20 03:45:11	Name: _ym_uid Value: 1623575945267964133

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ad4mat.net
adservice.google.com
adservice.google.de
ag.innovid.com
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
csi.gstatic.com
d.agkn.com
diapi.webgains.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hi.ru
image6.pubmatic.com
mc.yandex.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
photoshosting.ru
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
r4---sn-4g5ednsd.googlevideo.com
rtb.openx.net
sb.scorecardresearch.com
server.cpmstar.com
ssl.cdne.cpmstar.com
static-de.ad4mat.net
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
tv.hi.ru
w-it.m-t.io
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
cm.g.doubleclick.net
tv.hi.ru
104.111.239.217
13.225.74.57
142.250.185.130
142.250.186.162
152.199.21.117
18.194.113.221
185.64.190.78
198.24.170.52
2001:4860:4802:32::3
2001:6d0:4001::226
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:3032::6815:57ae
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:6e::9
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2013
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:15f8:a000:5:1:11:7:1fd5
2a00:15f8:a000:5:1:12:5:3f30
2a02:2638::1c
2a02:2638::3
2a02:6b8::1:119
2a05:d01c:1d8:8100:558f:678c:b3d9:283d
34.98.67.61
35.186.253.211
46.236.13.147
52.41.116.81
54.73.127.151
69.173.144.138
79.137.68.187
81.29.72.47
88.212.201.216
99.80.199.35
99.86.241.40
02656fafcbe64a5c30e92f92050de30db47cbdde805656e70e1d65405b096b65
0a2fb7012ffaf545419044728f24463dec1dcd7a7744aff57049aa3c340593b4
0a4120ac1f3bc9777c42f486d0776cb3704f6bb6cc009bdc29464a04ee474577
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d4407c36e48c5acc77db1bc4ee420351b66bfd467d7e8ba74e6e571e66db97c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ece459a00b3055bfb383faa4f3b45b663e4909788dbd06b9d0e506614cd856a
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
1205c7e29c59fc035d0d1c0a24e1c03f2875c9d0cb169ba8d9b6d100b9622ab0
14691aa0fa944c2a0ae6122576b35d7cfc24339b9c68f2eae1a14c6efcc3c689
157887761a6458ceb45eab50595a7953ef8a1c589071a66dc5ee88132a1ee332
1606c243d646bbbc486c09453274d8fcc058f4bc6d3d52b54350a38027750ea2
170bbb79a6356d61e00248df5603bde4e5507c1b672e9b9b42f1f502daaee828
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
1ade235fbaf9c00ef546a04c34431dec4c724a9d4a755b95e1789f3cacc21f8e
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1cfdb43297e916e2da546a244903e8eb3d0baf67620dda087399548c2e7afddf
21f31eb9bec7106a4df30844f419383e62f41949f53a7864505eaf71837f6877
22e506a14ca788af664b7dcc3903bc7a8909ca06183e9c01f6e29e0dbfa0c145
2437d5358b0f94c325d25e3dc1cac8e5722400cc3227b46fcbe3c9afa554483a
268515a8771eebdc7975a58053674b00057f3bb98f8c8e25c6c338e33dd58649
26c7406ed86c08030c98dda14dfda646405aa47f7bda79a4d4775da2811c3b2b
26de7ddc151567db6158dbb2e730c21f7bdb291354b1a88a9e4123cb6ec455b0
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fa7a92bb296612108ba8f71e70c164d61411f1ed8579f7ac0bbabc482d42ee2
3022368e5c6384747673ca4844bb4b4590c10329e49c1eb92994bed40e294e63
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34905084b2f62a0e3e2e98f396cacc21cd23f202a98cf08559b83affe441f76f
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
35e180aaf3576afe58fdeea6774dc9ea48aabf5e5884f8bb85c5c3afbc0a24ee
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
37111854edf6ded09171e25b528a5c3f84140f0870dfa1f2d9ae85834748d175
376f2619fadaec161771f2d7a74dfe534c30b5a4c4f1ca354eb71ab3da5edf70
382649d3c32e5027e3084e17a1bfc0bfaa780e98ae0f0b2ce0fe81b9b058d9b7
390cdd2401b8a6d820152f5d1c9c0070833f95a983b81b988498bb14daf99c5f
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3cac1bf452b07eb277c053c80ca566f77665de62f7cd809198f76164ad9e69c7
3e2e78d048001b6089b22f6246bec5fe6e329f1173a4a3dbec340ebbf021a9ef
3ed14ffcf48a4f46614b93bb468c59b4a04917a0997f3db67bf5aede6cd09ef2
3f29c371f2e0c5bf0af3b89afe456c53b18e506cf451471e6ea3c296e8ed1b3e
4037e26876df4ce62c60ce2580b3f10c1b359fe10657673463982a2294d42fec
41ab83e27acc60d34b77d7d6e5e65e3646d0b083f50f7fac1c8687a3f18d9a1d
4524ce42837c6b4ba4e2c81bbebbace863ea0d6d4748ec05c9b6d1c66f785fe8
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
484fc5bcc55eef7f11d2e8f74bd1445faa2b60392ecd977a56a4120903e5b2e2
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b3e06847c3566c1a5bd1e0e02de2197971e386491b6b56cb43d391916a4753b
4be63140c8bf9a35c7abf0cdb34e39a842e785494cd43e9c10ec67511176c664
4cb74ece3e7da8ebc96aad74c576088d8283f0c73584283c2e545ef1a0a0a903
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
553bd9a2b65279dc3a4325734238d30718a8f66e5f047fd339b21bdf7f9b784c
5832959bcbcb0af1b7d9b6a18ad3592317ed6f4843d8a4a450d1e33a45404214
58e3f429b97781e9628ea61941f330cc8c3790706d490661a0f59e937f256589
5a02d0404a3ad788c5ea4d042ba788f7c8828430870e45b450fe9061f51f8ed1
5f5393ca4208b772abed4bb97d0d114c7713aa7cadf4628af61255481f45d9bf
607060ee37b5b59294153dbacbc38c3abd970a3cb2c4bbb178029b03f7af3792
610063459e0f671914030c46b592f98ec94f02db50ed421cfb42497624ae8312
62b964c6110d2300c2b25824348217c5226ce87eb4a681bde737ed016285b2b1
63877b4f7877e6a39511dddad30f040b296e28bf657ebefcbcea070c679eb454
6430a5609cdd61e8ec8b87c2f32a4b8010a93fca76e4737387673b788afd9a82
64f5722af65e998ea09ae660dd2621acabee7475e128027c69f8659471635fcd
64fedf0f1f511c637ed27216292fed7ff26dfa03c4215cf2d6a37344d03f6001
65c70232b69b2ca3f9e8159217577ae39ad168b9c8e6d24c8aa834aacda078b5
69b8f18459f46dcd677782736715b4015529b360a0c09bac2950a355f35f8a1a
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6d88e36cfd8eada9864ce6d2f583de57913a2b6f2ea013fabc72cf5f1011fa27
6f66a7192d2f0324b121a48f1982f2a67be12c9cd7c7716f9d3aa01efc83f809
6f9c80a5f214df00adb0ee7f714a44c3a472f52e7dbe66bf740eb4344b21c26f
704fb2fb51023c7f361e779a1448e30de7b2c347652e359aec3f71b1156abdc6
707df6884f2bb0cc5f7ab83b77128324cb16418856afcf5d5731d934d297fe13
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
755cd5b67c8c19b563be5648a17f7e327f4c5f59bdaa7b3e1f1f29518e293055
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7a43a6dd7dbbb0103a0968e7efa25d85a0c1b6951d558fa7d3a93f2b7e07aa42
8067f8a8959d94e6e5a498a640a7258ff8810c73570dd9724e42444243ef7723
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8680de415a5e34d0ab845fe97f3115dc7a12744c93306a0eb8807a6fb06dfdc4
8763c7cee404235584c03d712187e2aac4355da9b405f1fc406af91ae15e873a
8946d4f87f3c79a7ef438695bae478433c1fc176cb2a3d1a1ee167b3de6e3dac
8b2df4e6a0b7894561ebfff81f780adde35d48b892cd5625da1e393fe2f8366d
8d061cf248e6817cc9497fdf606aefb9ca23ebb78d4f19d2a4d9651090c78a95
8d2282f124fb7fa8bc830806064dd4004ec8550807e01191027f5880483196f6
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
8d9b5eb29b4bde77d7ab2fce99c079aba5ee1099640271987ff9a10df97b06ca
8da561f081745a33ae923b7adc6d8644a80e2ca3c0b1ce34912a35809dd450f0
8f167d04497f402ef058421109101dc1ca1d0033b8fa0f05f2e86dffdb8870a9
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
96b83cddbb8e637ed6bcce3bb3d2820d9f03af91f2c00b89e6bfe89afbb0b67c
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
997985a0d2dcd881eed27ff4b11de4627fcfd4f9f7b813bb9bb919dddf43f87a
9a13fe956d743c4dfa3015434ba2f28ea4ea4eec6043a1a85f6feea371d0b8c1
9a49201cea2d93ea7da822446018ebe84fb8d062f95f65b65af7f47ade2988a4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a44a3a6c65546d76c462995523b52dbcb211bcd3f0d5cccf961d3ea389eb8adc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6680ca2cf71d321e7d58d1d41ae25d697c268dab51ba107c7b59e494a109a4b
a6f6e27848ada1fa96484988041b59589885fc4dbd96fba7c2977a9181c63951
aa540475fc0d3a45012fedb84aedf3382c5f19bfaab09bb6256a02234a9f1254
af87dd0a91f10cb6c35af0b4ecc86df4cdc772d73222cbf43e998a0ca6d9fb18
b0444809862b2227d687d9248c429aff81d18fd75a872fd7712e1402e2305f1c
b09b65d9a26019fb6c7812331f76164e9c55224a9f49f6f4b1b3dd2312fdaa61
b15120b7989ffe1c0dc36cc97d043f460ece41cc4c5a80a00f458382f4478219
b371b3fd76fa1b0d6c636558f0cb4cb8a2b88c9f6df08904d43029ac1d4a713b
b663358d262151aebf082f699b672c1c44e5e1ed122b6bcf03a461345d0673ae
baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee
bc3db9df73763ed73b90bd867a85f32e5d8d0b64bc0a3fabc7bfcd349b363741
bd49298c921b316356e1457a8ff2a9f19c0d069415e8a014f1d6ea6511000787
be778d96b3e4a26279b729639055f1592b58204581b17f7bd8a30bcadda9dd7f
bfffa55d15b209e2825b9af6d15c55069db8da75010c9aa73efaae4a497124e6
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c0c1edf85ee406ff6e457dba599598152cc971f399f53c204fd30b978662f385
c0ff8ece875d50f4663dac70f5ffbb598004b10d67d86a546cc45949547160bf
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c207f4ede81479d1e6ce6636a9b5a8919f13286d2db1079c1d3cbe24f85194ec
c2fbe8d3fa0d0fc9e410f6e538e2fde3369b477bcfa1033abbb42eadd33705b0
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c891f72ea7e0987490c68ae10c06650e4de4a4d17ebbfba49f33c55998a0cb8b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd461a3a10ed00d5e8a2ee0642a79cb2f0cd664a3bc88abf26e74befce054e83
cf0996ad93dca0b546d039ec026226696396a369625d7b14eafd07622eff178f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d46df302dc87c55075d8d750794c4cfa5fd6def69a4c38d8d1eebee7b97144df
d5d8dc69aa87c483b4fe658a37d73a8492c874eabbac539b90f7101c4458ec4f
d8044e5a2fd314a99ae6b5573de76df237b559641cfac927e99ba23045ab9108
d8738f1a40f1f64f8561fe5924e4fb9134be21eeaa73c7f0adae5df353294ec6
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dabba4011fb5c6cb64e46386a598022f8cdaaa6370c5d3e81e253585d9541b0d
dafc04effe2148feac292c669022e14142d315c77b8bced1249ed56f6a3779d6
dc9493114e04d4018faf2eee12e319b931cd64574eff8c932cbb58d6ba12b424
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e14245edb66438db8f4b062f463e708132f41762649ddb809dddb5c9f8eb9987
e21f33da8e28fb713d91137b37ed7f306c202d5016565482039f43986c26ded8
e3a1c01861e17d51bec3f04d3e0253f5984f7f0abbc71254ab418e4520edbc6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e566ca5478f1ebc1d7c117362af3aca30b57cd0b988e4ce62c7039e1793c1409
e5c95a02146d4b7fddb4981368a540efda6acc03938cbd3c1e294ef9f8b83cf1
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e73876acf97f29bebbe45073b98349cf74861671f7d958e0352d16f7572c486e
e7460fe5ae4f29f4bb796c5d3f06f846022d5bc592649c7eb82090df1430fd41
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ea0269a93ceb6cb9f7b0cda0b251de17323690136dec4f059109e6c6909a150f
eaf394f0cf1614e22d265d916398cc14562c0bfa73a6f90af26e068dd76e4dd2
ed92afd9e7cf19de28801b91cf6a9711a50d7b7000887359bd1ac74968a85d30
edc3a0ad539531bd40ae350cbdd4770c95149d47c226aac2d415dc66fb17591f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96df9b60c0e76f3b78200e495f9c888939a23fc6b2f11ba9a5457f33fe0a8d
effab5009f8d5adcac3e02c4a7f72b5f4141f7ef96ee54288b842542a81bc74a
f186b25d37c6fca2f2738e20ed7a173b77dff29790d5702087df1af1301500c7
f299bfdf095cdc0586b7e8e690c0ee2af36c7c20c824196121dd7b31358132d7
f7a44b819cdb49ab48dd2aea474cd74330d07a0b6475b33347c3512398f44d9e
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
f9efb644f462ed2bf0ee018423c506384991aec799678ace301a059c1e49fc75
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

hi.ru Open in urlscan Pro 2a00:15f8:a000:5:1:12:5:3f30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

343 Requests

99 %HTTPS

61 %IPv6

35 Domains

53 Subdomains

43 IPs

6 Countries

5351 kBTransfer

7795 kBSize

8 Cookies

80 Outgoing links

Redirected requests

343 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hi.ru Open in urlscan Pro
2a00:15f8:a000:5:1:12:5:3f30 Public Scan

Screenshot
Live screenshot

Full Image

343
Requests

99 %
HTTPS

61 %
IPv6

35
Domains

53
Subdomains

43
IPs

6
Countries

5351 kB
Transfer

7795 kB
Size

8
Cookies

343 HTTP transactions
9 data transactions