valdai.su Open in urlscan Pro
87.236.16.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://valdai.su/
Effective URL:
https://valdai.su/
Submission Tags: su l4ing cccp ru mass h8 Search All
Submission: On February 13 via manual (February 13th 2023, 11:13:33 am UTC) from UA — Scanned from DE

Summary HTTP 158 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 48 domains to perform 158 HTTP transactions. The main IP is 87.236.16.65, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is valdai.su.
TLS certificate: Issued by R3 on December 6th 2022. Valid for: 3 months.

This is the only time valdai.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	87.236.16.65 87.236.16.65	198610 (BEGET-AS) (BEGET-AS)
1	159.69.75.12 159.69.75.12	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	87.236.16.89 87.236.16.89	198610 (BEGET-AS) (BEGET-AS)
1	208.94.232.9 208.94.232.9	40824 (WZCOM-) (WZCOM-)
4 6	193.168.47.254 193.168.47.254	198610 (BEGET-AS) (BEGET-AS)
1	89.108.73.170 89.108.73.170	197695 (AS-REG) (AS-REG)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2 3	190.115.31.9 190.115.31.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	2a03:6f00:1:2... 2a03:6f00:1:2::5c35:746b	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	78.46.102.85 78.46.102.85	24940 (HETZNER-AS) (HETZNER-AS)
1 2	190.115.18.184 190.115.18.184	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1 1	85.192.12.169 85.192.12.169	12695 (DINET-AS) (DINET-AS)
1	85.192.12.170 85.192.12.170	12695 (DINET-AS) (DINET-AS)
1 2	93.171.200.70 93.171.200.70	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	178.154.254.12 178.154.254.12	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 7	193.232.121.11 193.232.121.11	50214 (QWARTA) (QWARTA)
1 1	193.232.121.72 193.232.121.72	50214 (QWARTA) (QWARTA)
1 1	193.232.121.23 193.232.121.23	50214 (QWARTA) (QWARTA)
1 1	193.232.121.24 193.232.121.24	50214 (QWARTA) (QWARTA)
1 1	193.232.121.29 193.232.121.29	50214 (QWARTA) (QWARTA)
1 1	193.232.121.80 193.232.121.80	50214 (QWARTA) (QWARTA)
1	178.248.233.120 178.248.233.120	197068 (QRATOR) (QRATOR)
1 2	2606:4700:10:... 2606:4700:10::ac43:aae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.65.149.181 185.65.149.181	197068 (QRATOR) (QRATOR)
1	138.68.71.122 138.68.71.122	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	178.248.232.168 178.248.232.168	197068 (QRATOR) (QRATOR)
1	2606:4700:20:... 2606:4700:20::681a:4e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.109.95.134 104.109.95.134	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	47.246.133.207 47.246.133.207	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 2	47.246.133.89 47.246.133.89	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	104.87.131.236 104.87.131.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 15	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2600:9000:211... 2600:9000:211e:1600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	3.122.47.214 3.122.47.214	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
158	39

44 87.236.16.65 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)
PTR: ssl.stack.beget.com

valdai.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.75.12 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de

bigreal.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.89 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.robin.beget.com

ewaline.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.94.232.9 (United States)

ASN40824 (WZCOM-, US)

buyeasy.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.168.47.254 (Russian Federation) 4 redirects

ASN198610 (BEGET-AS, RU)

beget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.73.170 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: u8825.col.agava.net

xmlproxy.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 190.115.31.9 (Belize City, Belize) 2 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

allpositions.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:6f00:1:2::5c35:746b (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)

timeweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.102.85 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: serpstat.com

serpstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.115.18.184 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

luckyads.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.169 (Russian Federation) 1 redirects

ASN12695 (DINET-AS, RU)

ads.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.170 (Russian Federation)

ASN12695 (DINET-AS, RU)

ads2.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.171.200.70 (Czech Republic) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: gw.gogetlinks.net

gogetlinks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.154.254.12 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

www.miralinks.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.232.121.11 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

www.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.72 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

articles.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.23 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

pr.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.24 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

www.seowizard.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.29 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.80 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

traffic.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.248.233.120 (Russian Federation)

ASN197068 (QRATOR, RU)

fastvps.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:aae (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.etxt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:40d (United States)

ASN13335 (CLOUDFLARENET, US)

text.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.65.149.181 (Russian Federation) 2 redirects

ASN197068 (QRATOR, RU)

advego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.68.71.122 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

workhard.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.248.232.168 (Russian Federation) 1 redirects

ASN197068 (QRATOR, RU)

kwork.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4e5 (United States)

ASN13335 (CLOUDFLARENET, US)

collaborator.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.95.134 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-95-134.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.133.207 (United States) 2 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

best.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.133.89 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.131.236 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-131-236.deploy.static.akamaitechnologies.com

login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:1600:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Castricum, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-214.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	valdai.su 1 redirects valdai.su	486 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	371 KB
22	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 308	133 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	193 KB
11	sape.ru 5 redirects www.sape.ru articles.sape.ru pr.sape.ru rtb.sape.ru traffic.sape.ru	1 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7221	3 KB
6	beget.com 4 redirects beget.com — Cisco Umbrella Rank: 79590	1 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 114 ajax.googleapis.com — Cisco Umbrella Rank: 510	38 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 129 www.google.com — Cisco Umbrella Rank: 18	743 B
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 687	3 KB
4	aliexpress.ru 3 redirects best.aliexpress.ru — Cisco Umbrella Rank: 391325 aliexpress.ru — Cisco Umbrella Rank: 13652 login.aliexpress.ru	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	144 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5587	818 B
3	advego.com 2 redirects advego.com	571 B
3	allpositions.ru 2 redirects allpositions.ru	393 B
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2228	73 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1284	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 801	2 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 997	875 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35755	1010 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 721	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1271 r.turn.com — Cisco Umbrella Rank: 4787	869 B
2	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 20036 login.aliexpress.com — Cisco Umbrella Rank: 13813	3 KB
2	kwork.ru 1 redirects kwork.ru — Cisco Umbrella Rank: 221805	887 B
2	etxt.ru 1 redirects www.etxt.ru	307 B
2	gogetlinks.net 1 redirects gogetlinks.net	443 B
2	luckyads.pro 1 redirects luckyads.pro	196 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2005	587 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 987	541 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1725	576 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 426	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1072	602 B
1	collaborator.pro collaborator.pro
1	workhard.online workhard.online
1	text.ru text.ru — Cisco Umbrella Rank: 626590
1	fastvps.ru fastvps.ru
1	seowizard.ru 1 redirects www.seowizard.ru	144 B
1	miralinks.ru www.miralinks.ru	60 KB
1	ads2.bid ads2.bid
1	ads.bid 1 redirects ads.bid — Cisco Umbrella Rank: 650789	86 B
1	serpstat.com serpstat.com
1	timeweb.com timeweb.com — Cisco Umbrella Rank: 362710
1	xmlproxy.ru xmlproxy.ru
1	buyeasy.by buyeasy.by
1	ewaline.su ewaline.su	895 B
1	bigreal.org bigreal.org — Cisco Umbrella Rank: 574754	8 KB
0	telderi.ru Failed www.telderi.ru Failed
0	iupgxu.com Failed ww25.iupgxu.com Failed
158	48

	Domain	Requested by
44	valdai.su	1 redirects valdai.su bigreal.org ajax.googleapis.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net
15	cm.g.doubleclick.net	1 redirects valdai.su googleads.g.doubleclick.net
10	fonts.gstatic.com	fonts.googleapis.com
8	pagead2.googlesyndication.com	valdai.su pagead2.googlesyndication.com googleads.g.doubleclick.net
7	mc.yandex.com	3 redirects valdai.su
7	www.sape.ru	1 redirects valdai.su
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	beget.com	4 redirects valdai.su
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	valdai.su googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	advego.com	2 redirects valdai.su
3	allpositions.ru	2 redirects valdai.su
3	mc.yandex.ru	2 redirects valdai.su
2	pm.w55c.net	2 redirects
2	sync.1rx.io	2 redirects
2	s.ad.smaato.net	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	sync.mathtag.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net
2	aliexpress.ru	1 redirects valdai.su
2	kwork.ru	1 redirects valdai.su
2	www.etxt.ru	1 redirects valdai.su
2	gogetlinks.net	1 redirects valdai.su
2	luckyads.pro	1 redirects valdai.su
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	r.turn.com	valdai.su
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	best.aliexpress.ru	1 redirects
1	s.click.aliexpress.com	1 redirects
1	collaborator.pro	valdai.su
1	workhard.online	valdai.su
1	text.ru	valdai.su
1	fastvps.ru	valdai.su
1	traffic.sape.ru	1 redirects
1	rtb.sape.ru	1 redirects
1	www.seowizard.ru	1 redirects
1	pr.sape.ru	1 redirects
1	articles.sape.ru	1 redirects
1	www.miralinks.ru	valdai.su
1	ads2.bid	valdai.su
1	ads.bid	1 redirects
1	serpstat.com	valdai.su
1	timeweb.com	valdai.su
1	xmlproxy.ru	valdai.su
1	buyeasy.by	valdai.su
1	ewaline.su	valdai.su
1	ajax.googleapis.com	valdai.su
1	bigreal.org	valdai.su
0	www.telderi.ru Failed	valdai.su
0	ww25.iupgxu.com Failed	valdai.su
158	61

This site contains no links.

Subject Issuer	Validity	Valid
valdai.su R3	`2022-12-06` - `2023-03-06`	3 months	crt.sh
bigreal.org R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
ewaline.su R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.buyeasy.by R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
xmlproxy.ru R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
timeweb.com GlobalSign Extended Validation CA - SHA256 - G3	`2022-06-29` - `2023-07-31`	a year	crt.sh
*.serpstat.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-31` - `2023-11-08`	a year	crt.sh
www.miralinks.ru R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
fastvps.ru R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.text.ru GTS CA 1P5	`2023-01-31` - `2023-05-01`	3 months	crt.sh
workhard.online R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.collaborator.pro GTS CA 1P5	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://valdai.su/
Frame ID: 36876E481391143094752D59CA02683A
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 3B55BC490B4FD045BF956CC69D41B372
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&adk=1812271804&adf=3025194257&lmt=1676286807&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fvaldai.su%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286807507&bpp=5&bdt=656&idt=245&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4088224696529&frm=20&pv=2&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: 3474BE3E9D39DF68A482860BEE9FE923
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=410927257&adf=434042314&pi=t.aa~a.2933074733~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=2&bdt=1338&idt=-M&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XCDVHSRSDS&p=https%3A//valdai.su&dtd=7
Frame ID: 515E0D34A82FDA54C2D32358A0E38110
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=2207806058&adf=3427559376&pi=t.aa~a.258064809~rp.1&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=1&bdt=1338&idt=1&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zFeLrCtTKk&p=https%3A//valdai.su&dtd=11
Frame ID: F41E709EBA4CBBB1A4D5C0250D7ECC55
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7EEB69C7262145B52D60FA295DFCE513
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CA1B2FBF3DDD59C5A237D1392A417893
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5F21EB36B1EF7D3B909512D72EBC9C8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 87C65ED5A44C5DABB5DD862086654231
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B2BC2EBA3C4EE4728A4514029BD6844
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 9798EE5A434952BBB09D58FB12A33F39
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: E25219F25D29A941C7EAE60629D67F80
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Все про сердце - valdai.su

Page URL History Show full URLs

http://valdai.su/ HTTP 301
https://valdai.su/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

78 %
HTTPS

33 %
IPv6

48
Domains

61
Subdomains

39
IPs

9
Countries

1510 kB
Transfer

3277 kB
Size

39
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://valdai.su/ HTTP 301
https://valdai.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/kypdeasu.php HTTP 0
http://ww25.iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/kypdeasu.php?subid1=20230213-2213-27c9-a30f-dad860820f36

Request Chain 16

https://beget.com/p180369 HTTP 301
https://beget.com/ HTTP 301
https://beget.com/ru

Request Chain 68

https://beget.com/p1122567 HTTP 301
https://beget.com/ HTTP 301
https://beget.com/ru

Request Chain 69

https://allpositions.ru/redirect/158376 HTTP 301
https://allpositions.ru/redirect/index/158376/1 HTTP 301
https://allpositions.ru/

Request Chain 72

https://luckyads.pro/account/signup/?refid=13637 HTTP 301
https://luckyads.pro/account/signup?refid=13637

Request Chain 73

https://ads.bid/?pid=14362 HTTP 301
https://ads2.bid/?pid=14362

Request Chain 74

https://gogetlinks.net/?inv=s72v7q HTTP 302
https://gogetlinks.net/

Request Chain 76

https://www.sape.ru/r.FuuiRSJADo.php HTTP 302
https://www.sape.ru/index.php?set_refid=FuuiRSJADo

Request Chain 77

https://articles.sape.ru/r.FuuiRSJADo.php HTTP 302
https://www.sape.ru/?set_refid=FuuiRSJADo&r=articles&refurl=https%3A%2F%2Farticles.sape.ru%2Fr.FuuiRSJADo.php

Request Chain 78

https://pr.sape.ru/r.FuuiRSJADo.php HTTP 302
https://www.sape.ru/?set_refid=FuuiRSJADo&r=pr&refurl=https%3A%2F%2Fpr.sape.ru%2Fr.FuuiRSJADo.php

Request Chain 79

https://www.seowizard.ru/r.FuuiRSJADo.php HTTP 302
https://www.sape.ru/?set_refid=FuuiRSJADo&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.FuuiRSJADo.php

Request Chain 80

https://rtb.sape.ru/r.FuuiRSJADo.php HTTP 302
https://www.sape.ru/?set_refid=FuuiRSJADo&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.FuuiRSJADo.php

Request Chain 81

https://traffic.sape.ru/r.FuuiRSJADo.php HTTP 302
https://www.sape.ru/?set_refid=FuuiRSJADo&r=rt&refurl=https://traffic.sape.ru/r.FuuiRSJADo.php

Request Chain 83

https://www.etxt.ru/?r=rutoz HTTP 301
https://www.etxt.ru/

Request Chain 86

https://advego.com/1um4EAEVhQ HTTP 301
https://advego.com/1um4EAEVhQ/ HTTP 301
https://advego.com/

Request Chain 88

https://kwork.ru/ref/30740 HTTP 302
https://kwork.ru/

Request Chain 90

https://s.click.aliexpress.com/e/_9vvP9d HTTP 302
https://best.aliexpress.ru/?lan=en&aff_fcid=b18ba51a67484b37bae9ba9110038eb2-1676286809506-06872-_9vvP9d&aff_fsk=_9vvP9d&aff_platform=portals-tool&sk=_9vvP9d&aff_trace_key=b18ba51a67484b37bae9ba9110038eb2-1676286809506-06872-_9vvP9d&terminal_id=f5b53578fa0745c4b7985eca8240f4f2 HTTP 301
https://aliexpress.ru/ HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Faliexpress.ru%2F HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=f5b53578fa0745c4b7985eca8240f4f2&xman_goto=https%3A%2F%2Faliexpress.ru%2F&_ga= HTTP 302
https://aliexpress.ru/

Request Chain 91

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9913._g4Tkt7KmXeB7aqcB2HhNv4DFvJXb9BiHRfsIW-afO5B9mtp57S_s8BA4nxY4OdN.sO4Yz63_BQ8D7u13_2IxUPlg7DY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9913.4ZP_SD5ncuHAf_zn63iG5Hz9H681KmTRQ6BfPILMpdG9AaIg8x1ZX6FY-sZcJGltnGsOpMjZ5DrMKCxi-0AwBDojagCBsd5UMUiEtyYFdqc%2C.TSpE4yXC9Q03G42KJvMbvA167XA%2C

Request Chain 143

https://mc.yandex.com/watch/61096375?wmode=7&page-url=https%3A%2F%2Fvaldai.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1739%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1413206995370%3Ahid%3A947963370%3Az%3A0%3Ai%3A20230213111327%3Aet%3A1676286808%3Ac%3A1%3Arn%3A579570912%3Arqn%3A1%3Au%3A16762868081065977931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C190%2C485%2C2%2C845%2C0%2C%2C323%2C32%2C%2C%2C%2C1847%3Aco%3A0%3Acpf%3A1%3Ans%3A1676286805326%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676286809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BF%D1%80%D0%BE%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5%20-%20valdai.su&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/61096375/1?wmode=7&page-url=https%3A%2F%2Fvaldai.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1739%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1413206995370%3Ahid%3A947963370%3Az%3A0%3Ai%3A20230213111327%3Aet%3A1676286808%3Ac%3A1%3Arn%3A579570912%3Arqn%3A1%3Au%3A16762868081065977931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C190%2C485%2C2%2C845%2C0%2C%2C323%2C32%2C%2C%2C%2C1847%3Aco%3A0%3Acpf%3A1%3Ans%3A1676286805326%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676286809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BF%D1%80%D0%BE%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5%20-%20valdai.su&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 146

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENu46Uk4xNx1G_yDffAf_tM&google_cver=1&google_push=Aa02lx8LyGQdKgPt21wLMHhlzzNMahQLmOCno0GXhJNsN5NQzT74azkBMs24fHFU7jGjU2-2XM24-VRgjdOpuhMDABbgbhrypED3Lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMTk4NTU1NjQ4ODgxNTgzNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELiF0ZfR65mX6tjGCgNSTF4&google_cver=1

Request Chain 147

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBRjpcV40ZL90_36fXiazFA&google_cver=1&google_push=Aa02lx91MegZ570JaUjl937uNytHgWpWO03q98tS66MjGvqyYwmf_8QbA_c56mydGgf-Mzg2xVf7YycwTHa7zf1-mBDdt-IpmibTxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx91MegZ570JaUjl937uNytHgWpWO03q98tS66MjGvqyYwmf_8QbA_c56mydGgf-Mzg2xVf7YycwTHa7zf1-mBDdt-IpmibTxQ

Request Chain 149

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEP9o_S-Rq-9y3N0v7h0J5rA&google_cver=1&google_push=Aa02lx_jjwgPJkwWg614N4rFL68xmQOe-0YH4-g8fe95L_hnesdxxF1ychCQJTzOpv00U0fSWSQ-AwEBYxf0HprfccXZosscrWa_1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_jjwgPJkwWg614N4rFL68xmQOe-0YH4-g8fe95L_hnesdxxF1ychCQJTzOpv00U0fSWSQ-AwEBYxf0HprfccXZosscrWa_1A&google_hm=VUQU7bhETPyHwQHbVyavGGc

Request Chain 150

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_cver=1&google_push=Aa02lx_UZ2vNgfzu0y_hSACXig95sxPqIOmJoAQn1qOPQHR10rlJtgNKhdRXjNqJL4tyr7JvkKgTiaSy0s0nXVSLd-fSFBcOk9_rpw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_push=Aa02lx_UZ2vNgfzu0y_hSACXig95sxPqIOmJoAQn1qOPQHR10rlJtgNKhdRXjNqJL4tyr7JvkKgTiaSy0s0nXVSLd-fSFBcOk9_rpw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx_UZ2vNgfzu0y_hSACXig95sxPqIOmJoAQn1qOPQHR10rlJtgNKhdRXjNqJL4tyr7JvkKgTiaSy0s0nXVSLd-fSFBcOk9_rpw

Request Chain 151

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDbStfSTck46xGiqz2XKp18&google_cver=1&google_push=Aa02lx9APsRkHDKOE-y6_r1jcgtbBjH2esvOxvi-PEM7ihHiDqCd_gT0rr7lLH1zdn1TzIF-q-t_9rwnCeLSP9_SRULLYm5NYUx1wQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9APsRkHDKOE-y6_r1jcgtbBjH2esvOxvi-PEM7ihHiDqCd_gT0rr7lLH1zdn1TzIF-q-t_9rwnCeLSP9_SRULLYm5NYUx1wQ

Request Chain 152

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELvp2qBAzcGq95McUze5D50&google_cver=1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1676286808887 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ca78f23b-a98b-464a-9d9c-e049ed0c8877-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ%26google_hm%3DA8p48jupi0ZKnZzgSe0MiHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ&google_hm=A8p48jupi0ZKnZzgSe0MiHc

Request Chain 160

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cver=1&google_push=Aa02lx9-_aRcyisfuD0PjUpQM4hGReaGeKdAaKJX6lr44DVgg3c8ag6h_VoeZqwneVgKDNwXAyCZxiP50ehl7Ww00A0Rw8lXTt_e4iE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cver=1&google_push=Aa02lx9-_aRcyisfuD0PjUpQM4hGReaGeKdAaKJX6lr44DVgg3c8ag6h_VoeZqwneVgKDNwXAyCZxiP50ehl7Ww00A0Rw8lXTt_e4iE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QmI3TFFLNFgxUHJ3TTE1&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cver=1&google_push=Aa02lx9-_aRcyisfuD0PjUpQM4hGReaGeKdAaKJX6lr44DVgg3c8ag6h_VoeZqwneVgKDNwXAyCZxiP50ehl7Ww00A0Rw8lXTt_e4iE

Request Chain 161

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJn2k-SdwgQ7eBi6Ldc5q94&google_cver=1&google_push=Aa02lx-6XHVd0R7BAoZ_fHGHtLFh9s3Hpy4CL3Xvg3HLxuSFdsRu-XDyH3YzXc3HPOjpHlJU71SFhMEXBBHh2-d0sFJhvH3YtbvGMmM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-6XHVd0R7BAoZ_fHGHtLFh9s3Hpy4CL3Xvg3HLxuSFdsRu-XDyH3YzXc3HPOjpHlJU71SFhMEXBBHh2-d0sFJhvH3YtbvGMmM

Request Chain 162

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJZQuaq0irFtbevN-byLdx0&google_cver=1&google_push=Aa02lx_EoDxvsOcR0n3zbndOSKcCq95_PuavPQM0FcREeswH2XOc2Z5qnx3u7WwHihLLA07aibF4iTNKEshD3toGrTqPULpSc-5AgBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJZQuaq0irFtbevN-byLdx0&google_push=Aa02lx_EoDxvsOcR0n3zbndOSKcCq95_PuavPQM0FcREeswH2XOc2Z5qnx3u7WwHihLLA07aibF4iTNKEshD3toGrTqPULpSc-5AgBg

Request Chain 163

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL2vr6OxEryEcvUpQ5EbjcU&google_cver=1&google_push=Aa02lx9kzhQUVyyWh3KzNJSJKOJaUwapql9EnUlAuC03xbaNpnIYgD9uSay8-9ZtQgJYoQ2xNy0o-AL51MmcGaxmWWfjJR2R4KjGDEs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9kzhQUVyyWh3KzNJSJKOJaUwapql9EnUlAuC03xbaNpnIYgD9uSay8-9ZtQgJYoQ2xNy0o-AL51MmcGaxmWWfjJR2R4KjGDEs&google_hm=HlCBm-5fSn6OsbGu0QZObWc

Request Chain 164

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOSAYU-w80bE-9mAsyRGNXU&google_cver=1&google_push=Aa02lx9R7T2QBMK-JZG1lyrNJmnsA4jTSdpzeVFT3n3ofMu3ToJAVbDoJ_2p8Op__cGPsu3xpBHA7MKoHiIjUJDkjfQjgbIpgejDtsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5OTU5NzAxOTEyMDk5MDM1MA%3D%3D&google_push=Aa02lx9R7T2QBMK-JZG1lyrNJmnsA4jTSdpzeVFT3n3ofMu3ToJAVbDoJ_2p8Op__cGPsu3xpBHA7MKoHiIjUJDkjfQjgbIpgejDtsQ

Request Chain 165

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_cver=1&google_push=Aa02lx-G4pvBivA7m2rlp4RTuEpBVXJuUw4d4wE-MFpZxCqjfaiJ1EI8KeYS5y9sQf0ElfxJL02dXVsvSHMzB-ooCCuFyDz5Yof-IL8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_push=Aa02lx-G4pvBivA7m2rlp4RTuEpBVXJuUw4d4wE-MFpZxCqjfaiJ1EI8KeYS5y9sQf0ElfxJL02dXVsvSHMzB-ooCCuFyDz5Yof-IL8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx-G4pvBivA7m2rlp4RTuEpBVXJuUw4d4wE-MFpZxCqjfaiJ1EI8KeYS5y9sQf0ElfxJL02dXVsvSHMzB-ooCCuFyDz5Yof-IL8

Request Chain 166

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGjBglho9KydkFVl8-HPRaE&google_cver=1&google_push=Aa02lx87zbUI4X_yDU8L5lvhNWUH9TZgRrxZ_uXPpBpKQwWaAtztWQ6y--knBsuNZMoV3UMCJlh2oPmYGKite4ENAs8zQiaQDuZ75cA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx87zbUI4X_yDU8L5lvhNWUH9TZgRrxZ_uXPpBpKQwWaAtztWQ6y--knBsuNZMoV3UMCJlh2oPmYGKite4ENAs8zQiaQDuZ75cA

Request Chain 169

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9913.F_4eqNPfN4fMMRzIBoRy94HCwAP1sRGlNuOSQP0qGGr-2cNx0_FRXvSydkJlPubm.Cxsv1ofYa9K3lzSuRzquCEPRCwU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.dS8o30jhuAIKTWuk4z8u_x3iOrU8fratfZjZxM8afy9u38u9_Nw7sFEt9kcm7Z-GQoisA6lkNqeBxe7vwCRnjrLsODDSkEDTYxP7hk0utBU%2C.I6QLMdEEdawUWxieenez-7qDb-g%2C

158 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
valdai.su/
Redirect Chain

http://valdai.su/
https://valdai.su/

94 KB
21 KB

676ms
485ms

Document
text/html

87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: d615af17b44a125dc019be71a8c42410ba58dd7f31c050867cbeee87b2e20657

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 11:13:26 GMT
link: <https://valdai.su/wp-json/>; rel="https://api.w.org/"
server: nginx-reuseport/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Feb 2023 11:13:26 GMT
Keep-Alive: timeout=30
Location: https://valdai.su/
Server: nginx-reuseport/1.21.1
X-Powered-By: PHP/7.4.33
X-Redirect-By: WordPress

GET
H2 200 N4pkHSYT.js Show response
bigreal.org/pushJs/ 33 KB
8 KB 135ms
38ms Script
application/javascript 159.69.75.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bigreal.org/pushJs/N4pkHSYT.js
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.75.12 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.75.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 4fd51de67acfed4a76ec912c3a8d81eecf52e55e32ea9ecb3953853dddd035e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: br
last-modified: Fri, 10 Feb 2023 10:30:53 GMT
server: nginx
etag: W/"63e61cdd-830d"
content-type: application/javascript
cache-control: max-age=600, public, must_revalidate
expires: Mon, 13 Feb 2023 11:23:26 GMT

GET

kypdeasu.php
ww25.iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/
Redirect Chain

https://iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/kypdeasu.php
http://ww25.iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/kypdeasu.php?subid1=20230213-2213-27c9-a30f-dad860820f36

0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
49 KB 384ms
106ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5363ac3270a3a87c9ec44bd0fff99d5f66902d634fa88e5d6cdbdb8abca519a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49893
x-xss-protection: 0
server: cafe
etag: 2171477405718009888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:13:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 143ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

044acf365f5269bc4439837d45427861c77a767ebf981ebc0ffbd2defb9420e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 11:12:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 11:13:26 GMT

GET
H2 200 style.min.css
valdai.su/wp-includes/css/dist/block-library/ 40 KB
6 KB 102ms
100ms Stylesheet
text/css 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 01:10:10 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ee18472-a055"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 styles.css
valdai.su/wp-content/plugins/contact-form-7/includes/css/ 2 KB
871 B 103ms
100ms Stylesheet
text/css 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-6d2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 postratings-css.css
valdai.su/wp-content/plugins/wp-postratings/css/ 1 KB
604 B 103ms
101ms Stylesheet
text/css 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.87
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-549"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 style.css
valdai.su/wp-content/themes/marafon/ 65 KB
17 KB 103ms
101ms Stylesheet
text/css 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/themes/marafon/style.css?ver=5.3.14
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7d9c6dadbf0cc4850792907be02a76a135a1029c79cfe57eef460b86ffea7ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-103b0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 slick.css
valdai.su/wp-content/themes/marafon/inc/slick/ 2 KB
763 B 103ms
101ms Stylesheet
text/css 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/themes/marafon/inc/slick/slick.css
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-6f0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 jquery.fancybox.min.css
valdai.su/wp-content/plugins/easy-fancybox/css/ 4 KB
1 KB 103ms
102ms Stylesheet
text/css 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css?ver=1.3.24
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-fda"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=5.3.14

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 19:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 19:56:25 GMT

GET
H2 200 scripts.js Show response
valdai.su/wp-content/themes/marafon/js/ 8 KB
2 KB 104ms
102ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/themes/marafon/js/scripts.js?ver=5.3.14
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: eaf0da3a230b1c89de88d4c557addf128ebda227794982785dc2411c21d1ae33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-2037"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 slick.min.js Show response
valdai.su/wp-content/themes/marafon/inc/slick/ 42 KB
10 KB 104ms
103ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/themes/marafon/inc/slick/slick.min.js
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-a76f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H2 200 stats.js Show response
ewaline.su/ 2 KB
895 B 497ms
90ms Script
application/x-javascript 87.236.16.89
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ewaline.su/stats.js
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.89 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.robin.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3bfdadc1c8c76ac77d103cd4f99637e89671b5d9fb36c05325e5e0ea34b05512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 12:14:40 GMT
server: nginx-reuseport/1.21.1
etag: W/"613b4c30-6df"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 copyright.min.js Show response
valdai.su/wp-includes/js/ 4 KB
2 KB 104ms
103ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-includes/js/copyright.min.js
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b40f77ec9e251bad0d0a055defbec9bd458681721e768579974e33d9141d12df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:26 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-e57"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:26 GMT

GET
H/1.1 200
OK /
buyeasy.by/redirect/cpa/o/pyqxgr0g5k2ya3b956s0fj1s0rusg6us/ 0
0 1333ms
155ms Image
text/html 208.94.232.9
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyeasy.by/redirect/cpa/o/pyqxgr0g5k2ya3b956s0fj1s0rusg6us/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.94.232.9 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2

200

ru
beget.com/
Redirect Chain

https://beget.com/p180369
https://beget.com/
https://beget.com/ru

0
0

99ms
99ms

Image
text/html

193.168.47.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beget.com/ru
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.168.47.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: /ru
date: Mon, 13 Feb 2023 11:13:27 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK /
xmlproxy.ru/ 0
0 545ms
119ms Image
text/html 89.108.73.170
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xmlproxy.ru/?from=8139
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.108.73.170 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u8825.col.agava.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 scripts.js Show response
valdai.su/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 95ms
94ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-3868"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 postratings-js.js Show response
valdai.su/wp-content/plugins/wp-postratings/js/ 3 KB
957 B 95ms
92ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.87
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-d01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 smush-lazy-load.min.js Show response
valdai.su/wp-content/plugins/wp-smushit/app/assets/js/ 10 KB
4 KB 98ms
94ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.6.1
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2078765e0d62301b9315460b89f901db1f1368a9c0fa28d1b90f0b80dcea583c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-273f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
valdai.su/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 98ms
95ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Mon, 30 Nov 2020 12:19:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5fc4e341-1108"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 jquery.fancybox.min.js Show response
valdai.su/wp-content/plugins/easy-fancybox/js/ 19 KB
6 KB 98ms
95ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-4d4f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 jquery.easing.min.js Show response
valdai.su/wp-content/plugins/easy-fancybox/js/ 2 KB
972 B 98ms
95ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-8fe"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
valdai.su/wp-content/plugins/easy-fancybox/js/ 3 KB
1 KB 99ms
96ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e710079-a31"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 wp-embed.min.js Show response
valdai.su/wp-includes/js/ 1 KB
944 B 99ms
96ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-includes/js/wp-embed.min.js?ver=5.3.14
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:31:19 GMT
server: nginx-reuseport/1.21.1
etag: W/"60789487-56f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 404 sN4pkHSYT.js Show response
valdai.su/ 71 KB
71 KB 368ms
368ms XHR
text/html 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/sN4pkHSYT.js
Requested by: Host: bigreal.org
URL: https://bigreal.org/pushJs/N4pkHSYT.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 3444e0567191142c0bb4e966aa5549cc07ff009726e23fbdaaa7c3422af7b676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 11:13:27 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
link: <https://valdai.su/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
valdai.su/wp-includes/js/ 14 KB
5 KB 98ms
96ms Script
application/x-javascript 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:31:19 GMT
server: nginx-reuseport/1.21.1
etag: W/"60789487-3619"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Mon, 20 Feb 2023 11:13:27 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 448ms
165ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-11ffd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73725
expires: Mon, 13 Feb 2023 12:13:27 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 blue-crossline.png
valdai.su/wp-content/uploads/2020/01/ 308 B
493 B 99ms
98ms Image
image/png 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/uploads/2020/01/blue-crossline.png
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e5816668a165dcfbcca56b258fcd361193c4ca0f9c6f625b9f5f8b8c737933d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: "5e710079-134"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 308
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 322ms
41ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valdai.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 35061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:29:06 GMT

GET
DATA 200
OK truncated
/ 459 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90b39bf449018b6b090e1f0568253da93a29441b9170926c5c82868a5f072faf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 322 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 616e113ac0e195d35243fd45637644b809d0247347d8483ab4e65d73f80c02d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 330ms
52ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valdai.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 04:08:38 GMT
x-content-type-options: nosniff
age: 284689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:08:38 GMT

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add62fe33aa010cc59a48bd2092eacfefe304e0de216f2fa1b00a762109de462

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 539 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19695f946119db05c26a922bb96c46a43f60c3898616316e76c41cadf9261423

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 205b9e005fc44e5d5ba379624a40cf1f1d4f187b1dd6ef490b8996da37ff859a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 478 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 852f5af62af0bf3293ef4362fd18426ad8219127a94589f00e048bb755098dec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 445 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7687fecfb3ca8ef9c8c56d57c6baf9cdaff9a7c4ef4cbd2d86a3320d8661c2fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 611b6d9940e41841daa2253548cb45d74b5da32d17b3c95e37436c373d259075

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45327238544d5e780719a720fe74aa937e4fba7895e21bf320ed626cf56e79a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 383ms
115ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valdai.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:09:27 GMT
x-content-type-options: nosniff
age: 65040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2024 17:09:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 375ms
107ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valdai.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:09:49 GMT
x-content-type-options: nosniff
age: 389018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:09:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 345ms
80ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valdai.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 281038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 05:09:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 357ms
94ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valdai.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 21:54:11 GMT
x-content-type-options: nosniff
age: 307156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 21:54:11 GMT

GET
H2 200 rating_over.gif
valdai.su/wp-content/plugins/wp-postratings/images/stars_crystal/ 1009 B
1 KB 93ms
93ms Image
image/gif 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: "5e710079-3f1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1009
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 Logo.png
valdai.su/wp-content/uploads/2020/10/ 6 KB
6 KB 94ms
93ms Image
image/png 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/uploads/2020/10/Logo.png
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 8d04dace590f4962362e0022ff61db98a2a13855496a2e8dfe08fefbf4dceaf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:13:36 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa3e0-189c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6300
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 stub_25f1a3f607fdaf9_320x200.jpg
valdai.su/wp-content/cache/thumb/ 804 B
991 B 94ms
92ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/stub_25f1a3f607fdaf9_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 55afd05d0b5d96bfdc6fffe404d99d4159c1409cd61a07834d9d8f7d82054f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Fri, 10 Feb 2023 17:54:37 GMT
server: nginx-reuseport/1.21.1
etag: "63e684dd-324"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 804
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 28aaee658f2775d_320x200.jpg
valdai.su/wp-content/cache/thumb/5d/ 11 KB
11 KB 94ms
93ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/5d/28aaee658f2775d_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 09ee05c26a3bd6af11b44146221c5ac5f1a08144893489739cd737430edc87ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:00 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ac-2c27"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11303
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 c8780a7d4ffe014_320x200.jpg
valdai.su/wp-content/cache/thumb/14/ 10 KB
10 KB 95ms
93ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/14/c8780a7d4ffe014_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: daaaa7f6aa04f7960a321f6fd2eec4b7b1fdd5d514c7d04ecc4e6e2962ea100f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:00 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ac-2760"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10080
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 5fc161090ad8c3e_320x200.jpg
valdai.su/wp-content/cache/thumb/3e/ 7 KB
8 KB 96ms
94ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/3e/5fc161090ad8c3e_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e042b653861ac5e3bd118f5656c7a33dae82a6e9d62abe945fef0f8ce73d7e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:01 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ad-1d62"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7522
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 9234aca30927044_320x200.jpg
valdai.su/wp-content/cache/thumb/44/ 9 KB
9 KB 96ms
94ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/44/9234aca30927044_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: fe55fc4e556f9f6134c41c70a57b425073ee6ab794bf218ba9e82ebf6eb78f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:01 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ad-2267"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8807
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 8a72675d94d6d1b_320x200.gif
valdai.su/wp-content/cache/thumb/1b/ 387 B
572 B 96ms
94ms Image
image/gif 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/1b/8a72675d94d6d1b_320x200.gif
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6b34b2611dad5a0d46ad11a80b0d07840224c2b4a2f9011fbff5891fd6d82755

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:16:53 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4a5-183"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 387
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 c6c8b2e51eded90_320x200.jpg
valdai.su/wp-content/cache/thumb/90/ 6 KB
6 KB 96ms
95ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/90/c6c8b2e51eded90_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9f7afd50172c2f6c5770f83b49036573b0bd7bdc699cb030b69f81f5ac374e26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:01 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ad-16ca"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5834
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 52de9abb5ff278c_320x200.jpg
valdai.su/wp-content/cache/thumb/8c/ 12 KB
12 KB 96ms
95ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/8c/52de9abb5ff278c_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 275ac55d87b21a370d266c49ca0a7644e1b22b00438dbbb94cf1c80ee0bb0538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:01 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ad-311b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12571
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 7fbaacbea9143e4_320x200.jpg
valdai.su/wp-content/cache/thumb/e4/ 11 KB
11 KB 96ms
95ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/e4/7fbaacbea9143e4_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e021c81c8f56804364192f1ab3297951b7700f48697005582ce5339c3eef7e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:01 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4ad-2a6f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10863
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 d04618c2bf4e22a_320x200.jpg
valdai.su/wp-content/cache/thumb/2a/ 11 KB
11 KB 96ms
95ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/2a/d04618c2bf4e22a_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: de31caef166f1c6f42ca570f94d2ee985189ac3c7c564065eb0d16303c3819a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:03 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4af-2b8f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11151
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 8fe270ca0bebfca_320x200.png
valdai.su/wp-content/cache/thumb/ca/ 4 KB
4 KB 96ms
95ms Image
image/png 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/ca/8fe270ca0bebfca_320x200.png
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: bcd801b34d06bc637785a7f8448c01f63ee81ed455b7297469aab881bcd9c946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:04 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4b0-f98"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3992
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 8e0c6e12aeeaae5_320x200.jpg
valdai.su/wp-content/cache/thumb/e5/ 8 KB
8 KB 96ms
96ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/e5/8e0c6e12aeeaae5_320x200.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1a00ba3566b90c3c8882102c9a52536115dd4975d1ae6d6da73ca41ddf68c19f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:04 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4b0-1fe6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8166
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 refill Show response
valdai.su/wp-json/contact-form-7/v1/contact-forms/272/ 65 B
602 B 335ms
335ms XHR
application/json 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://valdai.su/wp-json/contact-form-7/v1/contact-forms/272/refill

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=5.3.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),

Reverse DNS

ssl.stack.beget.com

Software

nginx-reuseport/1.21.1 / PHP/7.4.33

Resource Hash

eba0ab63a297c8c31e5fef7f74799a43f1722113479a9e92cdd7969f7f9805ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://valdai.su/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
x-content-type-options: nosniff
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
link: <https://valdai.su/wp-json/>; rel="https://api.w.org/"
content-length: 65
access-control-allow-headers: Authorization, Content-Type

GET
H2 200 ajax-loader.gif
valdai.su/wp-content/plugins/contact-form-7/images/ 847 B
1 KB 158ms
158ms Image
image/gif 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/plugins/contact-form-7/images/ajax-loader.gif
Requested by: Host: valdai.su
URL: https://valdai.su/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Tue, 17 Mar 2020 16:53:13 GMT
server: nginx-reuseport/1.21.1
etag: "5e710079-34f"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 847
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 cf9b712b0d1eb1f_210x131.gif
valdai.su/wp-content/cache/thumb/1f/ 785 B
970 B 153ms
152ms Image
image/gif 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/1f/cf9b712b0d1eb1f_210x131.gif
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 430020a56c175e3a3d033653ec9d1b8ba1a8d0a4284c5a4323ac21c2454f15ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:04 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4b0-311"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 785
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 e09c9965f5c94a7_210x131.jpg
valdai.su/wp-content/cache/thumb/a7/ 4 KB
5 KB 153ms
152ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/a7/e09c9965f5c94a7_210x131.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0025cc211722dcb6ba73aded7800e793a19c931bf47400401181121e5ceab356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Fri, 05 Mar 2021 03:40:54 GMT
server: nginx-reuseport/1.21.1
etag: "6041a846-11b1"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4529
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 200 8c2fc52a0779721_210x131.jpg
valdai.su/wp-content/cache/thumb/21/ 6 KB
6 KB 153ms
152ms Image
image/jpeg 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valdai.su/wp-content/cache/thumb/21/8c2fc52a0779721_210x131.jpg
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 405a132a5c54fed6646d52239499f11a011f3b51c791bb421d8220606f7e0c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
last-modified: Thu, 29 Oct 2020 11:17:05 GMT
server: nginx-reuseport/1.21.1
etag: "5f9aa4b1-16f4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5876
expires: Wed, 15 Mar 2023 11:13:27 GMT

GET
H2 404 sMnkzhUUB_n.js Show response
valdai.su/ 71 KB
71 KB 450ms
450ms XHR
text/html 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/sMnkzhUUB_n.js
Requested by: Host: bigreal.org
URL: https://bigreal.org/pushJs/N4pkHSYT.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 3444e0567191142c0bb4e966aa5549cc07ff009726e23fbdaaa7c3422af7b676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 11:13:27 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
link: <https://valdai.su/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 362 KB
119 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6308316893311714&plah=valdai.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

122e4507eed63f7201504f03fdf66194c3de110ed887824df649584e66d0fb26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121759
x-xss-protection: 0
server: cafe
etag: 16308391100142992445
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:13:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 3B55 10 KB
5 KB 136ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://valdai.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 09:33:57 GMT
etag: 10353107486223812946
expires: Mon, 27 Feb 2023 09:33:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ru
beget.com/
Redirect Chain

https://beget.com/p1122567
https://beget.com/
https://beget.com/ru

0
0

99ms
99ms

Image
text/html

193.168.47.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beget.com/ru
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.168.47.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: /ru
date: Mon, 13 Feb 2023 11:13:27 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-frame-options: SAMEORIGIN

GET
H2

200

/
allpositions.ru/
Redirect Chain

https://allpositions.ru/redirect/158376
https://allpositions.ru/redirect/index/158376/1
https://allpositions.ru/

0
0

102ms
102ms

Image
text/html

190.115.31.9
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allpositions.ru/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 190.115.31.9 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

date: Mon, 13 Feb 2023 11:11:01 GMT
content-encoding: gzip
server: ddos-guard
age: 146
x-powered-by: PHP/5.2.17
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: http://allpositions.ru/
ddg-cache-status: HIT
content-length: 26

GET
H2 200 /
timeweb.com/ru/ 0
0 302ms
85ms Image
text/html 2a03:6f00:1:2::5c35:746b
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timeweb.com/ru/?i=55067
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1:2::5c35:746b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 /
serpstat.com/ru/ 0
0 363ms
219ms Image
text/html 78.46.102.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serpstat.com/ru/?ref=193428
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.102.85 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: serpstat.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2

200

signup
luckyads.pro/account/
Redirect Chain

https://luckyads.pro/account/signup/?refid=13637
https://luckyads.pro/account/signup?refid=13637

0
0

94ms
93ms

Image
text/html

190.115.18.184
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luckyads.pro/account/signup?refid=13637
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 190.115.18.184 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: /account/signup?refid=13637
content-security-policy: upgrade-insecure-requests;
date: Mon, 13 Feb 2023 11:13:27 GMT
server: ddos-guard

GET
H2

200

/
ads2.bid/
Redirect Chain

https://ads.bid/?pid=14362
https://ads2.bid/?pid=14362

0
0

357ms
192ms

Image
text/html

85.192.12.170
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads2.bid/?pid=14362
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 85.192.12.170 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: https://ads2.bid/?pid=14362
date: Mon, 13 Feb 2023 11:13:27 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H2

200

/
gogetlinks.net/
Redirect Chain

https://gogetlinks.net/?inv=s72v7q
https://gogetlinks.net/

0
0

106ms
105ms

Image
text/html

93.171.200.70
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gogetlinks.net/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 93.171.200.70 , Czech Republic, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: gw.gogetlinks.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:27 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
last-modified: Mon, 13 Feb 2023 11:13:27 GMT
server: ddos-guard
x-powered-by: PHP/7.3.33-1+0~20211119.91+debian9~1.gbp618351
x-frame-options: SAMEORIGIN
content-type: text/html; charset=windows-1251
location: /
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 from:474046
www.miralinks.ru/ 60 KB
60 KB 482ms
286ms Image
text/html 178.154.254.12
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.miralinks.ru/from:474046
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.154.254.12 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

index.php
www.sape.ru/
Redirect Chain

https://www.sape.ru/r.FuuiRSJADo.php
https://www.sape.ru/index.php?set_refid=FuuiRSJADo

0
0

189ms
188ms

Image
text/html

193.232.121.11
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sape.ru/index.php?set_refid=FuuiRSJADo
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.232.121.11 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: https://www.sape.ru/index.php?set_refid=FuuiRSJADo
date: Mon, 13 Feb 2023 11:13:27 GMT
server: nginx
x-request-id: 371bd0cac2e2ba01d646b98aa3afc1c0
content-type: text/html; charset=utf-8

GET
H2

200

/
www.sape.ru/
Redirect Chain

https://articles.sape.ru/r.FuuiRSJADo.php
https://www.sape.ru/?set_refid=FuuiRSJADo&r=articles&refurl=https%3A%2F%2Farticles.sape.ru%2Fr.FuuiRSJADo.php

0
0

114ms
113ms

Image
text/html

193.232.121.11
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sape.ru/?set_refid=FuuiRSJADo&r=articles&refurl=https%3A%2F%2Farticles.sape.ru%2Fr.FuuiRSJADo.php
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.232.121.11 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: https://www.sape.ru/?set_refid=FuuiRSJADo&r=articles&refurl=https%3A%2F%2Farticles.sape.ru%2Fr.FuuiRSJADo.php
Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
X-Request-ID: 838fc8718d7f8af4c953e7f5104e8e5d
Content-Type: text/html

GET
H2

200

/
www.sape.ru/
Redirect Chain

https://pr.sape.ru/r.FuuiRSJADo.php
https://www.sape.ru/?set_refid=FuuiRSJADo&r=pr&refurl=https%3A%2F%2Fpr.sape.ru%2Fr.FuuiRSJADo.php

0
0

143ms
143ms

Image
text/html

193.232.121.11
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sape.ru/?set_refid=FuuiRSJADo&r=pr&refurl=https%3A%2F%2Fpr.sape.ru%2Fr.FuuiRSJADo.php
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.232.121.11 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: https://www.sape.ru/?set_refid=FuuiRSJADo&r=pr&refurl=https%3A%2F%2Fpr.sape.ru%2Fr.FuuiRSJADo.php
Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
X-Request-ID: 6f5524ac8253ab90aa6bc922ce79c8cb
Content-Type: text/html

GET
H2

200

/
www.sape.ru/
Redirect Chain

https://www.seowizard.ru/r.FuuiRSJADo.php
https://www.sape.ru/?set_refid=FuuiRSJADo&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.FuuiRSJADo.php

0
0

120ms
119ms

Image
text/html

193.232.121.11
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sape.ru/?set_refid=FuuiRSJADo&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.FuuiRSJADo.php
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.232.121.11 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: https://www.sape.ru/?set_refid=FuuiRSJADo&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.FuuiRSJADo.php
date: Mon, 13 Feb 2023 11:13:28 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H2

200

/
www.sape.ru/
Redirect Chain

https://rtb.sape.ru/r.FuuiRSJADo.php
https://www.sape.ru/?set_refid=FuuiRSJADo&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.FuuiRSJADo.php

0
0

143ms
142ms

Image
text/html

193.232.121.11
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sape.ru/?set_refid=FuuiRSJADo&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.FuuiRSJADo.php
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.232.121.11 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: https://www.sape.ru/?set_refid=FuuiRSJADo&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.FuuiRSJADo.php
Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
X-Request-ID: 82f5a47be78a86167f425a7ed47ac428
Content-Type: text/html

GET
H2

200

/
www.sape.ru/
Redirect Chain

https://traffic.sape.ru/r.FuuiRSJADo.php
https://www.sape.ru/?set_refid=FuuiRSJADo&r=rt&refurl=https://traffic.sape.ru/r.FuuiRSJADo.php

0
0

163ms
162ms

Image
text/html

193.232.121.11
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sape.ru/?set_refid=FuuiRSJADo&r=rt&refurl=https://traffic.sape.ru/r.FuuiRSJADo.php
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 193.232.121.11 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: https://www.sape.ru/?set_refid=FuuiRSJADo&r=rt&refurl=https://traffic.sape.ru/r.FuuiRSJADo.php
Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
X-Request-ID: 280fae144e14ea0174b075b1cb128097
Content-Type: text/html

GET
H/1.1 200
OK c_a2a0b5cdfb692bc20478e236886f9ffe
fastvps.ru/ 0
0 732ms
359ms Image
text/html 178.248.233.120
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastvps.ru/c_a2a0b5cdfb692bc20478e236886f9ffe
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.248.233.120 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2

200

/
www.etxt.ru/
Redirect Chain

https://www.etxt.ru/?r=rutoz
https://www.etxt.ru/

0
0

137ms
136ms

Image
text/html

2606:4700:10::ac43:aae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.etxt.ru/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 2606:4700:10::ac43:aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

location: https://www.etxt.ru/
date: Mon, 13 Feb 2023 11:13:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 798d22876ca591ff-FRA
content-type: text/html; charset=windows-1251

GET ru
www.telderi.ru/ 0
0

GET
H2 404 register101
text.ru/ 0
0 311ms
209ms Image
text/html 2606:4700:20::681a:40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://text.ru/register101
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H/1.1

502
Bad Gateway

/
advego.com/
Redirect Chain

https://advego.com/1um4EAEVhQ
https://advego.com/1um4EAEVhQ/
https://advego.com/

0
0

226ms
225ms

Image
text/html

185.65.149.181
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advego.com/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: HTTP/1.1
Server: 185.65.149.181 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: https://advego.com/
Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: QRATOR
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 178
Content-Type: text/html

GET
H2 200 /
workhard.online/ 0
0 199ms
43ms Image
text/html 138.68.71.122
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://workhard.online/?partner=81854
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.71.122 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H/1.1

200
OK

/
kwork.ru/
Redirect Chain

https://kwork.ru/ref/30740
https://kwork.ru/

0
0

229ms
228ms

Image
text/html

178.248.232.168
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kwork.ru/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: HTTP/1.1
Server: 178.248.232.168 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Date: Mon, 13 Feb 2023 11:13:28 GMT
Content-Security-Policy: frame-ancestors 'self' http://webvisor.com http://awards.ratingruneta.ru
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000
Server: QRATOR
Transfer-Encoding: chunked
Vary: Accept-Encoding, User-Agent
Content-Type: text/html; charset=UTF-8
Location: /
Connection: keep-alive
Keep-Alive: timeout=15

GET
H2 200 /
collaborator.pro/ 0
0 1069ms
974ms Image
text/html 2606:4700:20::681a:4e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collaborator.pro/?ref=M4F8vh
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2

200

/
aliexpress.ru/
Redirect Chain

https://s.click.aliexpress.com/e/_9vvP9d
https://best.aliexpress.ru/?lan=en&aff_fcid=b18ba51a67484b37bae9ba9110038eb2-1676286809506-06872-_9vvP9d&aff_fsk=_9vvP9d&aff_platform=portals-tool&sk=_9vvP9d&aff_trace_key=b18ba51a67484b37bae9ba911...
https://aliexpress.ru/
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Faliexpress.ru%2F
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=f5b53578fa0745c4b7985eca8240f4f2&xman_goto=https%3A%2F%2Faliexpress.ru%2F&_ga=
https://aliexpress.ru/

0
0

156ms
156ms

Image
text/html

47.246.133.89
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aliexpress.ru/
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 47.246.133.89 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

date: Mon, 13 Feb 2023 11:13:33 GMT
strict-transport-security: max-age=31536000
server: Tengine
p3p: CP="CAO PSA OUR"
location: https://aliexpress.ru/
content-language: en-US
content-type: text/html;charset=UTF-8
timing-allow-origin: *
content-length: 0
eagleeye-traceid: 211675cc16762868130081817e145b

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9913._g4Tkt7KmXeB7aqcB2HhNv4DFvJXb9BiHRfsIW-afO5B9mtp57S_s8BA4nxY4OdN.sO4Yz63_BQ8D7u13_2IxUPlg7DY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9913.4ZP_SD5ncuHAf_zn63iG5Hz9H681KmTRQ6BfPILMpdG9AaIg8x1ZX6FY-sZcJGltnGsOpMjZ5DrMKCxi-0AwBDojagCBsd5UMUiEtyYFdqc%2C.TSpE4yXC9Q03G42KJvMbvA167XA%2C

43 B
67 B

85ms
85ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9913.4ZP_SD5ncuHAf_zn63iG5Hz9H681KmTRQ6BfPILMpdG9AaIg8x1ZX6FY-sZcJGltnGsOpMjZ5DrMKCxi-0AwBDojagCBsd5UMUiEtyYFdqc%2C.TSpE4yXC9Q03G42KJvMbvA167XA%2C

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9913.4ZP_SD5ncuHAf_zn63iG5Hz9H681KmTRQ6BfPILMpdG9AaIg8x1ZX6FY-sZcJGltnGsOpMjZ5DrMKCxi-0AwBDojagCBsd5UMUiEtyYFdqc%2C.TSpE4yXC9Q03G42KJvMbvA167XA%2C
date: Mon, 13 Feb 2023 11:13:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 86ms
86ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Feb 2023 12:13:28 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 138ms
49ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=valdai.su&callback=_gfp_s_&client=ca-pub-6308316893311714

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6308316893311714&plah=valdai.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c66e90b31bf8c75a0153a8b4d937bfdfa23abe1b4c09d1e8ff9e61bb0ff10a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 150ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=valdai.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 141ms
52ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=valdai.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3474 208 KB
53 KB 314ms
313ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&adk=1812271804&adf=3025194257&lmt=1676286807&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fvaldai.su%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286807507&bpp=5&bdt=656&idt=245&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4088224696529&frm=20&pv=2&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ffa3c2c46de76d21d42c06babf93e9c0fffe8d572d3b381a8d5eb3b4361445d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://valdai.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 53812
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 11:13:28 GMT
expires: Mon, 13 Feb 2023 11:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 rb_N4pkHSYT.js Show response
valdai.su/ 71 KB
71 KB 399ms
399ms XHR
text/html 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/rb_N4pkHSYT.js
Requested by: Host: bigreal.org
URL: https://bigreal.org/pushJs/N4pkHSYT.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 3444e0567191142c0bb4e966aa5549cc07ff009726e23fbdaaa7c3422af7b676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 11:13:28 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
link: <https://valdai.su/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 150 KB
51 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1140d2ea7a06547dbf7dd5d2ff7bba1808d8707dbb71387e9f239c61d6d897f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52318
x-xss-protection: 0
server: cafe
etag: 11345558655975254741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 52ms
50ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=valdai.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=valdai.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 515E 105 KB
36 KB 406ms
406ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=410927257&adf=434042314&pi=t.aa~a.2933074733~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=2&bdt=1338&idt=-M&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XCDVHSRSDS&p=https%3A//valdai.su&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

059d35170ed0c99c00322f16f6cf8ff05cfa2de3ecdcd0a3eb004d51684d9451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://valdai.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36736
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 11:13:28 GMT
expires: Mon, 13 Feb 2023 11:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F41E 93 KB
33 KB 364ms
364ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=2207806058&adf=3427559376&pi=t.aa~a.258064809~rp.1&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=1&bdt=1338&idt=1&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zFeLrCtTKk&p=https%3A//valdai.su&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5f7521cd0d67b152d58068b675e2fd66431808ef789ff23954b204cf6641382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://valdai.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33887
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 11:13:28 GMT
expires: Mon, 13 Feb 2023 11:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 rb_MnkzhUUB_n.js Show response
valdai.su/ 71 KB
71 KB 376ms
375ms XHR
text/html 87.236.16.65
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://valdai.su/rb_MnkzhUUB_n.js
Requested by: Host: bigreal.org
URL: https://bigreal.org/pushJs/N4pkHSYT.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.65 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.stack.beget.com
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: 3444e0567191142c0bb4e966aa5549cc07ff009726e23fbdaaa7c3422af7b676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 11:13:28 GMT
cache-control: no-cache, must-revalidate, max-age=0
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
link: <https://valdai.su/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=valdai.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=valdai.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 7EEB 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://valdai.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 05:04:58 GMT
etag: 10353107486223812946
expires: Mon, 27 Feb 2023 05:04:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7EEB 4 KB
732 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 11:13:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EEB 205 B
649 B 179ms
52ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:17 GMT
x-content-type-options: nosniff
age: 3311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Feb 2024 10:18:17 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7EEB 604 B
694 B 180ms
53ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:51:03 GMT
x-content-type-options: nosniff
age: 4945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Feb 2024 09:51:03 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/ Frame 7EEB 20 KB
9 KB 155ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:34:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8363
x-xss-protection: 0
server: cafe
etag: 13687106600067785872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:34:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA1B 8 KB
968 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 10:14:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame CA1B 2 KB
846 B 131ms
82ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame CA1B 22 KB
9 KB 92ms
45ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:03:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame CA1B 3 KB
1 KB 128ms
81ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame CA1B 18 KB
8 KB 97ms
50ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA1B 156 KB
48 KB 149ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame CA1B 34 KB
14 KB 111ms
54ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 01:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 May 2023 01:17:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F41E 6 KB
672 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=2207806058&adf=3427559376&pi=t.aa~a.258064809~rp.1&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=1&bdt=1338&idt=1&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zFeLrCtTKk&p=https%3A//valdai.su&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:54:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F41E 2 KB
799 B 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F41E 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjGeOWBvqY6G5D7vBiQa72KLQCPWu2r1lkL7R6vMP3NeV8ooZEAEg-6fWKGCVwqaCsAegAeXLy-IDyAEJqQKf-_EO8umxPqgDAcgDywSqBLQBT9Cl_TQzSQ5zUZdxwhtkoojAbpHJ7mFIVONVhk2ExFuPNI0TsP-pt_e9QSHYShJOTHKxs_d2jrB5LuWx7LCK3AFF7sId-hYcPme1NVpoywAcLlrM6NRpiDgb06m32EMlvtHifvK9033S0saySDpIVr9SwmgASAqMpONPvlp9-BiYAvrFsS2QPen3JgDZLTgwaKGlGI0cVH9gNUOKMoYf578W_6hdyBDu1zwd7Pqsoui09OR5wATovJyk-AKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHg7S0HagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELWwHNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUBdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MzA4MzE2ODkzMzExNzE0GAA&sigh=iaHWhbctB28&uach_m=[UACH]&cid=CAQSKQDUE5ymA-z1SxOoO9cHl6UNIesq--7d1hFwmlCHgF3IOcIrMbB8vL8OGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=2207806058&adf=3427559376&pi=t.aa~a.258064809~rp.1&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=1&bdt=1338&idt=1&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zFeLrCtTKk&p=https%3A//valdai.su&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Feb 2023 11:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame F41E 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:03:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F41E 3 KB
1 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame F41E 18 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F41E 0
0 137ms
48ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiYsynBkEFuTO4RxGvXC46L87Puu-wNfsGznPIMNC7fHCBPzLNCMoJn7Qn7Geq2EmppfdZBHkiNEFlCzardd-L5cC-Mg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=2207806058&adf=3427559376&pi=t.aa~a.258064809~rp.1&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=1&bdt=1338&idt=1&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zFeLrCtTKk&p=https%3A//valdai.su&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10414710379718716139/ Frame F41E 16 KB
16 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10414710379718716139/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c35f4a50b709936d602fc8da87e4b46aef1615502c14c6ecd21634a818d0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 02:56:38 GMT
x-content-type-options: nosniff
age: 375410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15894
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 13:21:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 02:56:38 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/77364042245303829/ Frame F41E 1 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/77364042245303829/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1847303d5cd4f09e0cba12e56689d130dcaa1eeb7e72d7a233ac1a2df384bea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:26:43 GMT
x-content-type-options: nosniff
age: 330405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1263
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 08:41:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 15:26:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F41E 156 KB
48 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame F41E 33 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 May 2023 15:23:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 515E 8 KB
895 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=410927257&adf=434042314&pi=t.aa~a.2933074733~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=2&bdt=1338&idt=-M&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XCDVHSRSDS&p=https%3A//valdai.su&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 10:07:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 515E 2 KB
799 B 41ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 515E 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CehawWBvqY56JD72Z-cAP9Ky9kATW-878boTp8_DTEOre0uCyARABIPun1ihglcKmgrAHoAG5-p_UA8gBCakCl56MBp9Soj6oAwHIA8sEqgTEAU_QJNlNK4Iv8ASbcuqCP0QILut6NjEuIGD8_CssJTQrFFc4ZZYn94yUBqRIPOUcW2ChZCvdFgsW2d5uJQKAEB5QptGFmM1G3bMJWo1_NfIqCQgHAS0di98yTRglumfuUqJsdVslfdGTH9RTT_ARy9JRyIVi_oES5kT804s1GXEc-cJCey8E_MQ8DqwH4NBFSON4yIh8Zl0RFxpJX0LHQc2dSBWLjnqe3kBIbhdLKD-liaQ57mjlboCtbr37NDajnCLStuXABLCj4Y_yA5IFBAgEGAGSBQQIBRgEoAYugAevheArqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQnogI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjMwODMxNjg5MzMxMTcxNBgA&sigh=fYBbLSsdBAg&uach_m=[UACH]&cid=CAQSKQDUE5ymVN5j2zBodFk0s9Oq5ppUZ5qoLdl8NeQ-PJCk8gW1GcanABeXGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=410927257&adf=434042314&pi=t.aa~a.2933074733~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=2&bdt=1338&idt=-M&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XCDVHSRSDS&p=https%3A//valdai.su&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Feb 2023 11:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 515E 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:03:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 515E 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 515E 18 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 515E 0
0 96ms
47ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_GJbGYbsYuREtHtXi3iDEcQsMrLOhiK1XprGPMFBJhsMKg5dgnFymFVCvVKrJ3nOfIclQAy0VeQfZoV8JVCFwEuwtYw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=410927257&adf=434042314&pi=t.aa~a.2933074733~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=2&bdt=1338&idt=-M&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XCDVHSRSDS&p=https%3A//valdai.su&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 515E 156 KB
48 KB 63ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 11:13:28 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 515E 33 KB
14 KB 54ms
52ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 May 2023 15:23:14 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17797564333505401504/ Frame 515E 27 KB
27 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17797564333505401504/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e7103920b867c137e5258c67f273961bca78d6024ee59d20f8e869147cbe31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 22:02:00 GMT
x-content-type-options: nosniff
age: 306688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27384
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 13:21:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 22:02:00 GMT

GET
DATA 200
OK truncated
/ Frame 515E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 515E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B5F2 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Mon, 13 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F41E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92668f8d0d51efbf5a1291e352f7a875f4fe6afb96e752dc684caf15972c1add

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.com/watch/61096375/
Redirect Chain

https://mc.yandex.com/watch/61096375?wmode=7&page-url=https%3A%2F%2Fvaldai.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1739%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.com/watch/61096375/1?wmode=7&page-url=https%3A%2F%2Fvaldai.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1739%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

454 B
537 B

89ms
89ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61096375/1?wmode=7&page-url=https%3A%2F%2Fvaldai.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1739%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1413206995370%3Ahid%3A947963370%3Az%3A0%3Ai%3A20230213111327%3Aet%3A1676286808%3Ac%3A1%3Arn%3A579570912%3Arqn%3A1%3Au%3A16762868081065977931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C190%2C485%2C2%2C845%2C0%2C%2C323%2C32%2C%2C%2C%2C1847%3Aco%3A0%3Acpf%3A1%3Ans%3A1676286805326%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676286809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BF%D1%80%D0%BE%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5%20-%20valdai.su&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

72093863f7c1e87c1e5b25b809c2723e146a67282b05738a9e4ea08f6e34e06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Feb-2023 11:13:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://valdai.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:13:28 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:13:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/61096375/1?wmode=7&page-url=https%3A%2F%2Fvaldai.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A1739%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1413206995370%3Ahid%3A947963370%3Az%3A0%3Ai%3A20230213111327%3Aet%3A1676286808%3Ac%3A1%3Arn%3A579570912%3Arqn%3A1%3Au%3A16762868081065977931%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C190%2C485%2C2%2C845%2C0%2C%2C323%2C32%2C%2C%2C%2C1847%3Aco%3A0%3Acpf%3A1%3Ans%3A1676286805326%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676286809%3At%3A%D0%92%D1%81%D0%B5%20%D0%BF%D1%80%D0%BE%20%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B5%20-%20valdai.su&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://valdai.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:13:28 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 87C6 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6B2B 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Mon, 13 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B5F2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENu46Uk4xNx1G_yDffAf_tM&google_cver=1&google_push=Aa02lx8LyGQdKgPt21wLMHhlzzNMahQLmOCno0GXhJNsN5NQzT74azkBMs24fHFU7jGjU2-2XM24-VRgjdOpuhMDABbgbhrypED3Lg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMTk4NTU1NjQ4ODgxNTgzNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELiF0ZfR65mX6tjGCgNSTF4&google_cver=1

43 B
398 B

46ms
44ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELiF0ZfR65mX6tjGCgNSTF4&google_cver=1
Requested by: Host: valdai.su
URL: https://valdai.su/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELiF0ZfR65mX6tjGCgNSTF4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5F2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBRjpcV40ZL90_36fXiazFA&google_cver=1&google_push=Aa02lx91MegZ570JaUjl937uNytHgWpWO03q98tS66MjGvqyYwmf_8QbA_c56mydGgf-Mzg2xVf7YycwTHa7zf1-...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx91MegZ570JaUjl937uNytHgWpWO03q98tS66MjGvqyYwmf_8QbA_c56mydGgf-Mzg2xVf7YycwTHa7zf1-mBDdt-IpmibTxQ

170 B
232 B

51ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx91MegZ570JaUjl937uNytHgWpWO03q98tS66MjGvqyYwmf_8QbA_c56mydGgf-Mzg2xVf7YycwTHa7zf1-mBDdt-IpmibTxQ

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: MT3 457 2362390 master cdg-pixel-x31 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx91MegZ570JaUjl937uNytHgWpWO03q98tS66MjGvqyYwmf_8QbA_c56mydGgf-Mzg2xVf7YycwTHa7zf1-mBDdt-IpmibTxQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 13 Feb 2023 11:13:27 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B5F2 70 B
265 B 180ms
61ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHRp6j0HvAsjhy_KvMz8iI0&google_cver=1&google_push=Aa02lx8oYdB_ZbrN1xZDPa5AhQ-9ftIROB3ZfE8VsisOyctYYmBZCURQB384oYD7CTRnjoWgtkkHBlg1rfEcUsVRoDkb3oEK7hnLiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6308316893311714&output=html&h=280&adk=2207806058&adf=3427559376&pi=t.aa~a.258064809~rp.1&w=1000&fwrn=4&fwrnh=100&lmt=1676286808&rafmt=1&to=qs&pwprc=8739488384&format=1000x280&url=https%3A%2F%2Fvaldai.su%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676286808188&bpp=1&bdt=1338&idt=1&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=4088224696529&frm=20&pv=1&ga_vid=1531073355.1676286808&ga_sid=1676286808&ga_hid=385130731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=4129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071756%2C31072227&oid=2&pvsid=4079292012171429&tmod=391265024&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zFeLrCtTKk&p=https%3A//valdai.su&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5F2
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEP9o_S-Rq-9y3N0v7h0J5rA&google_cver=1&google_push=Aa02lx_jjwgPJkwWg614N4rFL68xmQOe-0YH4-g8fe95L_hnesdxxF1ychCQJTzOpv00U0fSWSQ-AwEBYxf...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_jjwgPJkwWg614N4rFL68xmQOe-0YH4-g8fe95L_hnesdxxF1ychCQJTzOpv00U0fSWSQ-AwEBYxf0HprfccXZosscrWa_1A&google_hm=VUQU7bhETPyHwQHbVy...

170 B
232 B

52ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_jjwgPJkwWg614N4rFL68xmQOe-0YH4-g8fe95L_hnesdxxF1ychCQJTzOpv00U0fSWSQ-AwEBYxf0HprfccXZosscrWa_1A&google_hm=VUQU7bhETPyHwQHbVyavGGc

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_jjwgPJkwWg614N4rFL68xmQOe-0YH4-g8fe95L_hnesdxxF1ychCQJTzOpv00U0fSWSQ-AwEBYxf0HprfccXZosscrWa_1A&google_hm=VUQU7bhETPyHwQHbVyavGGc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5F2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx_UZ2vNgfzu0y_hSACXig95sxPqIOmJo...

170 B
232 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx_UZ2vNgfzu0y_hSACXig95sxPqIOmJoAQn1qOPQHR10rlJtgNKhdRXjNqJL4tyr7JvkKgTiaSy0s0nXVSLd-fSFBcOk9_rpw

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbA6qDdNo4dX49Jz9KiUDfLSahcZD55ajRXu6jIdzD3kLwuIX%2Br%2FpkjSywS1Tmr7%2FiiFVjEqM6eKNsq2dycZHuPThMKuuvxuCkGWZPs%2Foe2TuPZ32KjrXybL%2Br8T9KXNdFDGxH1Q1KFkdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGwoF5IQnBXx9n3tI4foklE&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx_UZ2vNgfzu0y_hSACXig95sxPqIOmJoAQn1qOPQHR10rlJtgNKhdRXjNqJL4tyr7JvkKgTiaSy0s0nXVSLd-fSFBcOk9_rpw
cache-control: no-cache
cf-ray: 798d228c0eed361f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B5F2
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDbStfSTck46xGiqz2XKp18&google_cver=1&google_push=Aa02lx9APsRkHDKOE-y6_r1jcgtbBjH2esvOxvi-PEM7ihHiDqCd_gT0rr7lLH1zdn1TzIF-q-t_9rwnCeLSP9_S...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9APsRkHDKOE-y6_r1jcgtbBjH2esvOxvi-PEM7ihHiDqCd_gT0rr7lLH1zdn1TzIF-q-t_9rwnCeLSP9_SRULLYm5NYUx1wQ

170 B
329 B

51ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9APsRkHDKOE-y6_r1jcgtbBjH2esvOxvi-PEM7ihHiDqCd_gT0rr7lLH1zdn1TzIF-q-t_9rwnCeLSP9_SRULLYm5NYUx1wQ

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 13 Feb 2023 11:13:28 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9APsRkHDKOE-y6_r1jcgtbBjH2esvOxvi-PEM7ihHiDqCd_gT0rr7lLH1zdn1TzIF-q-t_9rwnCeLSP9_SRULLYm5NYUx1wQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: e24wz8QFnIiPEi54atkq5j4F6_cDECYDlNorLRVbQZ_fPaBcMBURSQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5F2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-ca78f23b-a98b-464a-9d9c-e049ed0c8877-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8nmDkJeX4o_3EtEs3yp...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ&google_hm=A8p48jupi0ZKnZzgSe0MiHc

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ&google_hm=A8p48jupi0ZKnZzgSe0MiHc

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8nmDkJeX4o_3EtEs3ypf6UTHfrA3ggEnr86t8gSu1ZYa8W7vi8aaqeaeMSaY_AAiO0qzuigjVjRI8E_osm9sCJ17uCDGhJaQ&google_hm=A8p48jupi0ZKnZzgSe0MiHc
date: Mon, 13 Feb 2023 11:13:29 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXca78f23ba98b464a9d9ce049ed0c8877003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B5F2 0
40 B 163ms
49ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-2VKhXXeHE-Xf2QBnBW9TEOv9KXhNU_ijNA7tcxy-WtM10ICT5u33_w1IJ4I2jp0T8Sk1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 515E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 519bcaa273d7b2256aacf338fc609e94eb57b47e5466dffdfb1bf1a0c4a4e5d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F41E 15 KB
15 KB 52ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 10:32:46 GMT
x-content-type-options: nosniff
age: 175242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 10:32:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F41E 15 KB
16 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 281039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F41E 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 35062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:29:06 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 515E 28 KB
28 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 65351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2024 17:04:17 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9798 36 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QmI3TFFLNFgxUHJ3TTE1&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cver=1&google_push=Aa02lx9-_aRcyisfuD0PjUpQM4hGReaGeKdAaKJX6lr44DV...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QmI3TFFLNFgxUHJ3TTE1&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cver=1&google_push=Aa02lx9-_aRcyisfuD0PjUpQM4hGReaGeKdAaKJX6lr44DVgg3c8ag6h_VoeZqwneVgKDNwXAyCZxiP50ehl7Ww00A0Rw8lXTt_e4iE

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:13:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-0faa10e3a614d791a@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QmI3TFFLNFgxUHJ3TTE1&google_gid=CAESEFELi_MidsfjC72fjUV1jJU&google_cver=1&google_push=Aa02lx9-_aRcyisfuD0PjUpQM4hGReaGeKdAaKJX6lr44DVgg3c8ag6h_VoeZqwneVgKDNwXAyCZxiP50ehl7Ww00A0Rw8lXTt_e4iE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJn2k-SdwgQ7eBi6Ldc5q94&google_cver=1&google_push=Aa02lx-6XHVd0R7BAoZ_fHGHtLFh9s3Hpy4CL3Xvg3HLxuSFdsRu-XDyH3YzXc3HPOjpHlJU71SFhMEXBBHh2-d0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-6XHVd0R7BAoZ_fHGHtLFh9s3Hpy4CL3Xvg3HLxuSFdsRu-XDyH3YzXc3HPOjpHlJU71SFhMEXBBHh2-d0sFJhvH3YtbvGMmM

170 B
232 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-6XHVd0R7BAoZ_fHGHtLFh9s3Hpy4CL3Xvg3HLxuSFdsRu-XDyH3YzXc3HPOjpHlJU71SFhMEXBBHh2-d0sFJhvH3YtbvGMmM

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: MT3 457 2362390 master cdg-pixel-x13 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-6XHVd0R7BAoZ_fHGHtLFh9s3Hpy4CL3Xvg3HLxuSFdsRu-XDyH3YzXc3HPOjpHlJU71SFhMEXBBHh2-d0sFJhvH3YtbvGMmM
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 13 Feb 2023 11:13:27 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJZQuaq0irFtbevN-byLdx0&google_push=Aa02lx_EoDxvsOcR0n3zbndOSKcCq95_PuavPQM0FcREeswH2XOc2Z5qnx...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJZQuaq0irFtbevN-byLdx0&google_push=Aa02lx_EoDxvsOcR0n3zbndOSKcCq95_PuavPQM0FcREeswH2XOc2Z5qnx3u7WwHihLLA07aibF4iTNKEshD3toGrTqPULpSc-5AgBg

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220029-HHN
pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1676286809.960708,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJZQuaq0irFtbevN-byLdx0&google_push=Aa02lx_EoDxvsOcR0n3zbndOSKcCq95_PuavPQM0FcREeswH2XOc2Z5qnx3u7WwHihLLA07aibF4iTNKEshD3toGrTqPULpSc-5AgBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL2vr6OxEryEcvUpQ5EbjcU&google_cver=1&google_push=Aa02lx9kzhQUVyyWh3KzNJSJKOJaUwapql9EnUlAuC03xbaNpnIYgD9uSay8-9ZtQgJYoQ2xNy0o-AL51Mm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9kzhQUVyyWh3KzNJSJKOJaUwapql9EnUlAuC03xbaNpnIYgD9uSay8-9ZtQgJYoQ2xNy0o-AL51MmcGaxmWWfjJR2R4KjGDEs&google_hm=HlCBm-5fSn6OsbGu0...

170 B
232 B

55ms
53ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9kzhQUVyyWh3KzNJSJKOJaUwapql9EnUlAuC03xbaNpnIYgD9uSay8-9ZtQgJYoQ2xNy0o-AL51MmcGaxmWWfjJR2R4KjGDEs&google_hm=HlCBm-5fSn6OsbGu0QZObWc

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9kzhQUVyyWh3KzNJSJKOJaUwapql9EnUlAuC03xbaNpnIYgD9uSay8-9ZtQgJYoQ2xNy0o-AL51MmcGaxmWWfjJR2R4KjGDEs&google_hm=HlCBm-5fSn6OsbGu0QZObWc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOSAYU-w80bE-9mAsyRGNXU&google_cver=1&google_push=Aa02lx9R7T2QBMK-JZG1lyrNJmnsA4jTSdpzeVFT3n3ofMu3ToJAVbDoJ_2p8Op__cGPsu3xpBHA7MKoHiIjUJ...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5OTU5NzAxOTEyMDk5MDM1MA%3D%3D&google_push=Aa02lx9R7T2QBMK-JZG1lyrNJmnsA4jTSdpzeVFT3n3ofMu3ToJAVbDoJ_2p8Op__cGPsu3xpBHA7MKoHiIjUJDkjf...

170 B
232 B

52ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5OTU5NzAxOTEyMDk5MDM1MA%3D%3D&google_push=Aa02lx9R7T2QBMK-JZG1lyrNJmnsA4jTSdpzeVFT3n3ofMu3ToJAVbDoJ_2p8Op__cGPsu3xpBHA7MKoHiIjUJDkjfQjgbIpgejDtsQ

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5OTU5NzAxOTEyMDk5MDM1MA%3D%3D&google_push=Aa02lx9R7T2QBMK-JZG1lyrNJmnsA4jTSdpzeVFT3n3ofMu3ToJAVbDoJ_2p8Op__cGPsu3xpBHA7MKoHiIjUJDkjfQjgbIpgejDtsQ
Date: Mon, 13 Feb 2023 11:13:28 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx-G4pvBivA7m2rlp4RTuEpBVXJuUw4d4...

170 B
232 B

51ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx-G4pvBivA7m2rlp4RTuEpBVXJuUw4d4wE-MFpZxCqjfaiJ1EI8KeYS5y9sQf0ElfxJL02dXVsvSHMzB-ooCCuFyDz5Yof-IL8

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FYppGd9NCcc5xefBwA5QCTtTeJZ0a7SQFu9MbWcr58JVS6iZsbOsd4oXw0yJp6ztn59ujbTj%2BR%2FJWzbN4FShTSbC7kxr6FYyol1mbnbODf3y0kwxSz%2FpeZnftz1YdWuIySBZ1%2FBeFVmLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDAAUi6UwEOzroiTrPCoRwc&google_hm=Y-obWC1UtCeMqfw2Kty4BwAABI8AAAAB&google_nid=index&google_push=Aa02lx-G4pvBivA7m2rlp4RTuEpBVXJuUw4d4wE-MFpZxCqjfaiJ1EI8KeYS5y9sQf0ElfxJL02dXVsvSHMzB-ooCCuFyDz5Yof-IL8
cache-control: no-cache
cf-ray: 798d228c0eec361f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6B2B
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGjBglho9KydkFVl8-HPRaE&google_cver=1&google_push=Aa02lx87zbUI4X_yDU8L5lvhNWUH9TZgRrxZ_uXPpBpKQwWaAtztWQ6y--knBsuNZMoV3UMCJlh2oPmYGKite4EN...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx87zbUI4X_yDU8L5lvhNWUH9TZgRrxZ_uXPpBpKQwWaAtztWQ6y--knBsuNZMoV3UMCJlh2oPmYGKite4ENAs8zQiaQDuZ75cA

170 B
232 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx87zbUI4X_yDU8L5lvhNWUH9TZgRrxZ_uXPpBpKQwWaAtztWQ6y--knBsuNZMoV3UMCJlh2oPmYGKite4ENAs8zQiaQDuZ75cA

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 13 Feb 2023 11:13:28 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx87zbUI4X_yDU8L5lvhNWUH9TZgRrxZ_uXPpBpKQwWaAtztWQ6y--knBsuNZMoV3UMCJlh2oPmYGKite4ENAs8zQiaQDuZ75cA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Bzxq1yXrUno2ds47ibnq3x04iwgpTW19ZucXb7EazYbFVu_NYRgsxw==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6B2B 0
130 B 80ms
48ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6aMsy0zwXBasIWz4eKBo4Xf1QTbMETkwyW4sP2QPcjHz2w6QQQSzmW_G8uNkb3eNENol2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame E252 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9913.F_4eqNPfN4fMMRzIBoRy94HCwAP1sRGlNuOSQP0qGGr-2cNx0_FRXvSydkJlPubm.Cxsv1ofYa9K3lzSuRzquCEPRCwU%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.dS8o30jhuAIKTWuk4z8u_x3iOrU8fratfZjZxM8afy9u38u9_Nw7sFEt9kcm7Z-GQoisA6lkNqeBxe7vwCRnjrLsODDSkEDTYxP7hk0utBU%2C.I6QLMdEEdawUWxieen...

43 B
94 B

88ms
88ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.dS8o30jhuAIKTWuk4z8u_x3iOrU8fratfZjZxM8afy9u38u9_Nw7sFEt9kcm7Z-GQoisA6lkNqeBxe7vwCRnjrLsODDSkEDTYxP7hk0utBU%2C.I6QLMdEEdawUWxieenez-7qDb-g%2C

Requested by

Host: valdai.su
URL: https://valdai.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://valdai.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:13:29 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.dS8o30jhuAIKTWuk4z8u_x3iOrU8fratfZjZxM8afy9u38u9_Nw7sFEt9kcm7Z-GQoisA6lkNqeBxe7vwCRnjrLsODDSkEDTYxP7hk0utBU%2C.I6QLMdEEdawUWxieenez-7qDb-g%2C
date: Mon, 13 Feb 2023 11:13:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ww25.iupgxu.com
URL: http://ww25.iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/kypdeasu.php?subid1=20230213-2213-27c9-a30f-dad860820f36

Domain: www.telderi.ru
URL: https://www.telderi.ru/ru?pid=ee465a

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
valdai.su/	1970-01-20 09:39:33	Name: qimyRdvQHcjrpsw Value: DhU1%5BfIdn.y0Ll7
valdai.su/	1970-01-20 09:39:33	Name: Ix_zG-bpY Value: JBY%2AigvMt
valdai.su/	1970-01-20 09:39:33	Name: vfDCuYwb Value: NtK%2A6Mgo
valdai.su/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.valdai.su/	1970-01-20 18:23:42	Name: _ym_uid Value: 16762868081065977931
.valdai.su/	1970-01-20 18:23:42	Name: _ym_d Value: 1676286808
.mc.yandex.com/	1970-01-20 09:38:07	Name: sync_cookie_csrf Value: 3438378595fake
.valdai.su/	1970-01-20 09:39:18	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 09:38:07	Name: sync_cookie_csrf Value: 2231452344fake
.doubleclick.net/	1970-01-20 18:59:42	Name: IDE Value: AHWqTUkO1aGeLegYzUcmSAWy7xbJ4ix3U6GCaKSZsFx3fj0Ay_DW4WYaSPAhoXnSCso
.valdai.su/	1970-01-20 18:59:42	Name: __gads Value: ID=c47fc46c5c492140-224d459a05dc0049:T=1676286808:RT=1676286808:S=ALNI_Mb164q1DzxPuh6RBzZihEzwWlPNTg
.valdai.su/	1970-01-20 18:59:42	Name: __gpi Value: UID=00000bb5283c58b0:T=1676286808:RT=1676286808:S=ALNI_MYx7GeTLjpAPk8F_qWY4enVMQCjPw
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 170882721676286808
.yandex.com/	1970-01-20 19:14:06	Name: i Value: gqUDjFsqKKhveVCi71roDl2b+rL2K9Lc2k5sAWWbggUBmjwXV3pSVg5Y2y0Ng2qzOxDYMQqKeT/ygRSw6+4nthn1Dv8=
.yandex.com/	1970-01-20 18:23:42	Name: yandexuid Value: 4882137341676286808
.yandex.com/	1970-01-20 18:23:42	Name: yuidss Value: 4882137341676286808
.yandex.com/	1970-01-20 18:23:42	Name: ymex Value: 1707822808.yc.1676286808#1707822808.yrts.1676286808#1707822808.yrtsi.1676286808
.ctnsnet.com/	1970-01-20 18:23:42	Name: gid_CAESEL2vr6OxEryEcvUpQ5EbjcU Value: 1
.ctnsnet.com/	1970-01-20 18:23:42	Name: cid_1e50819bee5f4a7e8eb1b1aed1064e6d Value: 1
.ctnsnet.com/	1970-01-20 18:23:42	Name: gid_CAESEP9o_S-Rq-9y3N0v7h0J5rA Value: 1
.ctnsnet.com/	1970-01-20 18:23:42	Name: cid_554414edb8444cfc87c101db5726af18 Value: 1
.mathtag.com/	1970-01-20 10:21:18	Name: mt_mop Value: 4:1676286808
.casalemedia.com/	1970-01-20 18:23:42	Name: CMID Value: Y.obWC1UtCeMqfw2Kty4BwAA
.casalemedia.com/	1970-01-20 11:47:42	Name: CMPS Value: 1167
.casalemedia.com/	1970-01-20 11:47:42	Name: CMPRO Value: 1167
.mathtag.com/	1970-01-20 19:04:02	Name: uuid Value: 63a163ea-1b58-4100-b84b-a281955159ff
.1rx.io/	1970-01-20 18:23:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ca78f23b-a98b-464a-9d9c-e049ed0c8877-003%22%7D
.adfarm1.adition.com/	1970-01-20 11:47:42	Name: UserID1 Value: 7199597019120990350
.w55c.net/	1970-01-20 19:05:28	Name: wfivefivec Value: Bb7LQK4X1PrwM15
.everesttech.net/	1970-01-20 18:23:42	Name: everest_g_v2 Value: g_surferid~Y_obWQAAARFd1gAb
.w55c.net/	1970-01-20 10:21:18	Name: matchgoogle Value: 5
.targeting.unrulymedia.com/	1970-01-20 18:23:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ca78f23b-a98b-464a-9d9c-e049ed0c8877-003%22%7D
.turn.com/	1970-01-20 13:57:18	Name: uid Value: 4031985556488815836
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=j78nzyawsid7&acs_rt=f5b53578fa0745c4b7985eca8240f4f2
.aliexpress.com/	1970-01-20 19:14:06	Name: aeu_cid Value: b18ba51a67484b37bae9ba9110038eb2-1676286809506-06872-_9vvP9d
.aliexpress.com/	1970-01-20 11:47:42	Name: xman_t Value: hSVBUkBXfav63drm+qg4W0nhKORZwWdK2czYA/LjRrZnUxKYaMp4dvXZ/1ExROMA
.aliexpress.com/	1970-01-20 19:14:06	Name: xman_f Value: Y8yYIm0ONhH3pJEwsezrQs2khnDKMQ2yNLCFXcYYFEuxUJSmHIi3NnaMfhW3PrnzaeKLtcvgGk3095XZKPGjwJPrIPLLVrrAy7iB2BRB4GoaGeBwukIGrw==
.aliexpress.com/	1970-01-20 19:14:06	Name: af_ss_a Value: 1
.aliexpress.com/	1970-01-20 19:14:06	Name: xman_us_f Value: x_l=0&acs_rt=f5b53578fa0745c4b7985eca8240f4f2&x_as_i=%7B%22aeuCID%22%3A%22b18ba51a67484b37bae9ba9110038eb2-1676286809506-06872-_9vvP9d%22%2C%22affiliateKey%22%3A%22_9vvP9d%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22759942042%22%2C%22tagtime%22%3A1676286809506%7D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://valdai.su/sN4pkHSYT.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://valdai.su/sMnkzhUUB_n.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://valdai.su/ Message: Mixed Content: The page at 'https://valdai.su/' was loaded over HTTPS, but requested an insecure script 'http://ww25.iupgxu.com/4xfl17291/ivl/mp0/y03q8h768/vuq/786/kypdeasu.php?subid1=20230213-2213-27c9-a30f-dad860820f36'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://valdai.su/rb_N4pkHSYT.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.telderi.ru/ru?pid=ee465a Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://text.ru/register101 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://valdai.su/rb_MnkzhUUB_n.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://advego.com/ Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.bid
ads2.bid
adservice.google.com
adservice.google.de
advego.com
ajax.googleapis.com
aliexpress.ru
allpositions.ru
articles.sape.ru
beget.com
best.aliexpress.ru
bigreal.org
buyeasy.by
cm.g.doubleclick.net
collaborator.pro
dsp.adfarm1.adition.com
ewaline.su
fastvps.ru
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gogetlinks.net
googleads.g.doubleclick.net
kwork.ru
login.aliexpress.com
login.aliexpress.ru
luckyads.pro
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr.sape.ru
r.turn.com
rtb.sape.ru
s.ad.smaato.net
s.click.aliexpress.com
serpstat.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
text.ru
timeweb.com
tpc.googlesyndication.com
traffic.sape.ru
valdai.su
workhard.online
ww25.iupgxu.com
www.etxt.ru
www.google.com
www.googletagservices.com
www.gstatic.com
www.miralinks.ru
www.sape.ru
www.seowizard.ru
www.telderi.ru
xmlproxy.ru
pagead2.googlesyndication.com
ww25.iupgxu.com
www.telderi.ru
104.109.95.134
104.87.131.236
138.68.71.122
151.101.66.49
159.69.75.12
172.217.16.194
172.64.154.237
178.154.254.12
178.248.232.168
178.248.233.120
185.29.134.244
185.65.149.181
190.115.18.184
190.115.31.9
193.168.47.254
193.232.121.11
193.232.121.23
193.232.121.24
193.232.121.29
193.232.121.72
193.232.121.80
208.94.232.9
213.19.147.45
2600:9000:211e:1600:1b:5138:8a40:93a1
2606:4700:10::ac43:aae
2606:4700:20::681a:40d
2606:4700:20::681a:4e5
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
2a00:1450:400d:803::2003
2a02:6b8::1:119
2a03:6f00:1:2::5c35:746b
3.122.47.214
3.33.220.150
35.186.193.173
46.228.164.11
47.246.133.207
47.246.133.89
78.46.102.85
85.114.159.93
85.192.12.169
85.192.12.170
87.236.16.65
87.236.16.89
89.108.73.170
93.171.200.70
0025cc211722dcb6ba73aded7800e793a19c931bf47400401181121e5ceab356
044acf365f5269bc4439837d45427861c77a767ebf981ebc0ffbd2defb9420e0
059d35170ed0c99c00322f16f6cf8ff05cfa2de3ecdcd0a3eb004d51684d9451
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
09ee05c26a3bd6af11b44146221c5ac5f1a08144893489739cd737430edc87ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
1140d2ea7a06547dbf7dd5d2ff7bba1808d8707dbb71387e9f239c61d6d897f1
122e4507eed63f7201504f03fdf66194c3de110ed887824df649584e66d0fb26
1847303d5cd4f09e0cba12e56689d130dcaa1eeb7e72d7a233ac1a2df384bea0
19695f946119db05c26a922bb96c46a43f60c3898616316e76c41cadf9261423
1a00ba3566b90c3c8882102c9a52536115dd4975d1ae6d6da73ca41ddf68c19f
205b9e005fc44e5d5ba379624a40cf1f1d4f187b1dd6ef490b8996da37ff859a
2078765e0d62301b9315460b89f901db1f1368a9c0fa28d1b90f0b80dcea583c
275ac55d87b21a370d266c49ca0a7644e1b22b00438dbbb94cf1c80ee0bb0538
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3444e0567191142c0bb4e966aa5549cc07ff009726e23fbdaaa7c3422af7b676
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3bfdadc1c8c76ac77d103cd4f99637e89671b5d9fb36c05325e5e0ea34b05512
405a132a5c54fed6646d52239499f11a011f3b51c791bb421d8220606f7e0c30
430020a56c175e3a3d033653ec9d1b8ba1a8d0a4284c5a4323ac21c2454f15ce
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45327238544d5e780719a720fe74aa937e4fba7895e21bf320ed626cf56e79a7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e7103920b867c137e5258c67f273961bca78d6024ee59d20f8e869147cbe31a
4fd51de67acfed4a76ec912c3a8d81eecf52e55e32ea9ecb3953853dddd035e0
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
519bcaa273d7b2256aacf338fc609e94eb57b47e5466dffdfb1bf1a0c4a4e5d3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55afd05d0b5d96bfdc6fffe404d99d4159c1409cd61a07834d9d8f7d82054f65
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ffa3c2c46de76d21d42c06babf93e9c0fffe8d572d3b381a8d5eb3b4361445d
611b6d9940e41841daa2253548cb45d74b5da32d17b3c95e37436c373d259075
616e113ac0e195d35243fd45637644b809d0247347d8483ab4e65d73f80c02d5
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b34b2611dad5a0d46ad11a80b0d07840224c2b4a2f9011fbff5891fd6d82755
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
72093863f7c1e87c1e5b25b809c2723e146a67282b05738a9e4ea08f6e34e06f
7687fecfb3ca8ef9c8c56d57c6baf9cdaff9a7c4ef4cbd2d86a3320d8661c2fe
7d9c6dadbf0cc4850792907be02a76a135a1029c79cfe57eef460b86ffea7ed3
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
852f5af62af0bf3293ef4362fd18426ad8219127a94589f00e048bb755098dec
8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6
8d04dace590f4962362e0022ff61db98a2a13855496a2e8dfe08fefbf4dceaf4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90b39bf449018b6b090e1f0568253da93a29441b9170926c5c82868a5f072faf
92668f8d0d51efbf5a1291e352f7a875f4fe6afb96e752dc684caf15972c1add
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f7afd50172c2f6c5770f83b49036573b0bd7bdc699cb030b69f81f5ac374e26
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
add62fe33aa010cc59a48bd2092eacfefe304e0de216f2fa1b00a762109de462
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b40f77ec9e251bad0d0a055defbec9bd458681721e768579974e33d9141d12df
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd801b34d06bc637785a7f8448c01f63ee81ed455b7297469aab881bcd9c946
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c35f4a50b709936d602fc8da87e4b46aef1615502c14c6ecd21634a818d0ac
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c5363ac3270a3a87c9ec44bd0fff99d5f66902d634fa88e5d6cdbdb8abca519a
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
c66e90b31bf8c75a0153a8b4d937bfdfa23abe1b4c09d1e8ff9e61bb0ff10a7d
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
d615af17b44a125dc019be71a8c42410ba58dd7f31c050867cbeee87b2e20657
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daaaa7f6aa04f7960a321f6fd2eec4b7b1fdd5d514c7d04ecc4e6e2962ea100f
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de31caef166f1c6f42ca570f94d2ee985189ac3c7c564065eb0d16303c3819a4
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e021c81c8f56804364192f1ab3297951b7700f48697005582ce5339c3eef7e80
e042b653861ac5e3bd118f5656c7a33dae82a6e9d62abe945fef0f8ce73d7e9c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5816668a165dcfbcca56b258fcd361193c4ca0f9c6f625b9f5f8b8c737933d3
eaf0da3a230b1c89de88d4c557addf128ebda227794982785dc2411c21d1ae33
eba0ab63a297c8c31e5fef7f74799a43f1722113479a9e92cdd7969f7f9805ba
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f7521cd0d67b152d58068b675e2fd66431808ef789ff23954b204cf6641382
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe55fc4e556f9f6134c41c70a57b425073ee6ab794bf218ba9e82ebf6eb78f33

valdai.su Open in urlscan Pro 87.236.16.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

78 %HTTPS

33 %IPv6

48 Domains

61 Subdomains

39 IPs

9 Countries

1510 kBTransfer

3277 kBSize

39 Cookies

0 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

valdai.su Open in urlscan Pro
87.236.16.65 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

78 %
HTTPS

33 %
IPv6

48
Domains

61
Subdomains

39
IPs

9
Countries

1510 kB
Transfer

3277 kB
Size

39
Cookies

158 HTTP transactions
14 data transactions