hi.ru Open in urlscan Pro
2a00:15f8:a000:5:1:13:5:3f30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hi.ru/?dk71
Effective URL:
https://hi.ru/?dk71
Submission: On April 28 via manual (April 28th 2022, 6:35:43 pm UTC) from IN — Scanned from DE

Summary HTTP 175 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 19 domains to perform 175 HTTP transactions. The main IP is 2a00:15f8:a000:5:1:13:5:3f30, located in Russian Federation and belongs to MASTERHOST-AS Moscow, Russia, RU. The main domain is hi.ru. The Cisco Umbrella rank of the primary domain is 400684.
TLS certificate: Issued by R3 on March 20th 2022. Valid for: 3 months.

This is the only time hi.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2a00:15f8:a00... 2a00:15f8:a000:5:1:13:5:3f30	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
18	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
32	2a00:15f8:a00... 2a00:15f8:a000:5:1:13:7:1fd5	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
2	198.24.171.52 198.24.171.52	19437 (SS-ASH) (SS-ASH)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1 3	13.225.80.90 13.225.80.90	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	152.199.21.117 152.199.21.117	15133 (EDGECAST) (EDGECAST)
2 35	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
175	27

19 2a00:15f8:a000:5:1:13:5:3f30 (Russian Federation) 1 redirects

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

hi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:15f8:a000:5:1:13:7:1fd5 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

photoshosting.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.24.171.52 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.80.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-90.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.199.21.117 (United States)

ASN15133 (EDGECAST, US)

ssl.cdne.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 123	774 KB
32	photoshosting.ru photoshosting.ru — Cisco Umbrella Rank: 574770	526 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 318	218 KB
19	hi.ru 1 redirects hi.ru — Cisco Umbrella Rank: 400684	234 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	353 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	219 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 61 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	cpmstar.com server.cpmstar.com — Cisco Umbrella Rank: 3747 ssl.cdne.cpmstar.com — Cisco Umbrella Rank: 26707	42 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9251	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 370 mug.criteo.com — Cisco Umbrella Rank: 2985	7 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 127	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8897	914 B
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 11952	700 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3543	50 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9011	1 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12689	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 749	640 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 622	42 KB
175	19

	Domain	Requested by
35	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
32	photoshosting.ru	hi.ru
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hi.ru
19	hi.ru	1 redirects hi.ru
18	pagead2.googlesyndication.com	hi.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	mc.yandex.com	2 redirects hi.ru
4	www.google.com	3 redirects tpc.googlesyndication.com
4	ssl.cdne.cpmstar.com	hi.ru
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects hi.ru
3	fonts.googleapis.com	hi.ru googleads.g.doubleclick.net
2	static.doubleclick.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.tns-counter.ru	1 redirects hi.ru
2	mc.yandex.ru	1 redirects hi.ru
2	server.cpmstar.com	hi.ru server.cpmstar.com
2	counter.yadro.ru	1 redirects hi.ru
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	m.exactag.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mug.criteo.com	hi.ru
1	static.criteo.net	hi.ru
175	29

This site contains links to these domains. Also see Links.

Domain
search.hi.ru
mail.hi.ru
news.hi.ru
finance.hi.ru
pogoda.hi.ru
tv.hi.ru
otvet.hi.ru
games.hi.ru
online.hi.ru
soft.hi.ru
translate.hi.ru
maps.hi.ru
id.hi.ru
server.cpmstar.com
corp.hi.ru
vk.com
ok.ru

Subject Issuer	Validity	Valid
*.hi.ru R3	`2022-03-20` - `2022-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
photoshosting.ru R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
ssl.cdne.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2022-02-26` - `2023-03-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://hi.ru/?dk71
Frame ID: BB67B3A035E97A812F93674168992185
Requests: 80 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hi.ru
Frame ID: FEE7214357D7CAAFE62B0F928FE3605A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: C1F1616E002EAC9C28866E3379E6D27A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1651170937&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936912&bpp=3&bdt=442&idt=139&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2778747416728&frm=20&pv=2&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156
Frame ID: C4E797227A9C5C5118ED5B1CBBEC9635
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1651170937&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936915&bpp=2&bdt=445&idt=164&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hMOxh8gjH9&p=https%3A//hi.ru&dtd=168
Frame ID: 6186816B8462D679BB57EBF02F6AD4EA
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9527626459&adk=2075745809&adf=2740756486&pi=t.ma~as.9527626459&w=728&lmt=1651170937&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936917&bpp=1&bdt=446&idt=176&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AKm3SRM4m&p=https%3A//hi.ru&dtd=179
Frame ID: 31995F000FF2571102AFF088E37737B3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936918&bpp=1&bdt=447&idt=181&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=pRwnXU70Rh&p=https%3A//hi.ru&dtd=183
Frame ID: 2C8CCBE66DBFE725AAFFA07E9A3DB400
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1063504499&pi=t.ma~as.3250614562&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936919&bpp=1&bdt=449&idt=207&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=THfcNNAVPW&p=https%3A//hi.ru&dtd=209
Frame ID: 25CE96C86ECCD4605B35A5005F3B5870
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=2947970980&pi=t.ma~as.2268705386&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936920&bpp=1&bdt=450&idt=213&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=1952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=utFZ5E0WmZ&p=https%3A//hi.ru&dtd=216
Frame ID: C6E23B4DB4E28BD316BFD449B74B5175
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=928089046&pi=t.ma~as.2268705386&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=221&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=3018&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=4vKjnTMYzX&p=https%3A//hi.ru&dtd=224
Frame ID: D94A3FE6695CB5AAEB53E6E5C478489A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=3576718405&pi=t.ma~as.8450970356&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=227&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gQdlKCdXXq&p=https%3A//hi.ru&dtd=230
Frame ID: 82E14297D0CFA6CE7A4BEA35F871F4F4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: B9485EAF89CA8AE877F72B74D39A672D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ADC2F31A84F0E448C8A5E7F39689AC07
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 346011B0305587EFCBD817DB107CAC85
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9782ACDD073486A1F04E907F26C6FB57
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js
Frame ID: 9448C48D3C7BD935944382B14A276EB6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js
Frame ID: 8BC38DEB0AB936FC59501568FFA5B0E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js
Frame ID: 1BA21F820AF4DEC79A191EEEFB159A0A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js
Frame ID: E5223BC9CF84A295215C3635529C3862
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js
Frame ID: 8D600B14A16645CD082318AADC347B52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js
Frame ID: 4CCA7969A987016B71A642DFCED376C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7D6BF9B9E53334113D50E4D16DD7219
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81EC07B15AEDF2D1FD9EAAA6D3A1F843
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hi.ru

Page URL History Show full URLs

http://hi.ru/?dk71 HTTP 301
https://hi.ru/?dk71 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

175
Requests

95 %
HTTPS

77 %
IPv6

19
Domains

29
Subdomains

27
IPs

4
Countries

2473 kB
Transfer

5040 kB
Size

25
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: http://search.hi.ru/
Title: Search

Search URL Search Domain Scan URL

URL: http://mail.hi.ru/
Title: Mail

Search URL Search Domain Scan URL

URL: https://news.hi.ru/
Title: News

Search URL Search Domain Scan URL

URL: http://finance.hi.ru/
Title: Finance

Search URL Search Domain Scan URL

URL: http://pogoda.hi.ru/
Title: Weather

Search URL Search Domain Scan URL

URL: http://tv.hi.ru/
Title: TV

Search URL Search Domain Scan URL

URL: http://otvet.hi.ru/
Title: Answers

Search URL Search Domain Scan URL

URL: http://games.hi.ru/
Title: Games

Search URL Search Domain Scan URL

URL: http://online.hi.ru/
Title: Movies

Search URL Search Domain Scan URL

URL: http://soft.hi.ru/
Title: Software

Search URL Search Domain Scan URL

URL: http://translate.hi.ru/
Title: Translator

Search URL Search Domain Scan URL

URL: http://maps.hi.ru/
Title: Maps

Search URL Search Domain Scan URL

URL: https://news.hi.ru/business
Title: Main

Search URL Search Domain Scan URL

URL: https://news.hi.ru/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://news.hi.ru/markets
Title: Markets

Search URL Search Domain Scan URL

URL: https://news.hi.ru/technology
Title: Technolog

Search URL Search Domain Scan URL

URL: https://news.hi.ru/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://news.hi.ru/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241217
Title: China keeps medium-term policy rate unchanged, but markets expect more easing

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241215
Title: Japan consumer inflation seen picking up, still distant from BOJ target

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241216
Title: China March new home prices stall again as COVID damps sentiment

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241218
Title: Xpeng CEO warns China automakers face production suspensions in May 15.04.2022, 6:45 SHANGHAI, April 15 - Automakers in China may have to suspend production in May if suppliers in Shanghai and

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241214
Title: Japan's cenbank is not aiming to manipulate currency, PM says 15.04.2022, 6:45 TOKYO, April 15 - Japanese Prime Minister Fumio Kishida said the central bank's monetary policy is aimed at

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241195
Title: Hawkish Fedspeak keeps dollar king, yen slumps to 20-year low 15.04.2022, 6:11 TOKYO, April 15 - The dollar rose to a two-decade peak against the yen and kept close to a two-year high to the euro

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241194
Title: Exclusive: Ferrero to stop buying palm oil from Malaysia's Sime Darby over labour 15.04.2022, 4:52 KUALA LUMPUR, April 15 - Italian confectionary giant Ferrero said it will stop sourcing palm oil from Sime Darby Plantation (SIPL.KL) after the U.S. customs service found the Malaysian planter used

Search URL Search Domain Scan URL

URL: http://news.hi.ru/legal
Title: Legal

Search URL Search Domain Scan URL

URL: http://news.hi.ru/legal/241152
Title: Red states vow SCOTUS fight against Biden climate-risk measure 15.04.2022, 1:42 - A full federal appeals court on Thursday declined to step into a fight over the Biden administration’s climate-change cost calculations, clearing the path for a Supreme Court challenge by 10 Republican-led states.The

Search URL Search Domain Scan URL

URL: http://news.hi.ru/legal/241132
Title: Family of Black man killed by Michigan police demands criminal charges 15.04.2022, 0:10 April 14 - The family of an African refugee killed by a Michigan police officer during a traffic stop demanded on

Search URL Search Domain Scan URL

URL: http://news.hi.ru/legal/241110
Title: Wrongful conviction tracker hits milestones: One decade and 3,000 cases 14.04.2022, 22:44 - Reliable U.S. data on the number of people convicted of crimes and later cleared was practically nonexistent when the

Search URL Search Domain Scan URL

URL: http://news.hi.ru/legal/241082
Title: Planned Parenthood, ACLU sue to block Kentucky's abortion restrictions 14.04.2022, 21:38 April 14 - Abortion providers including Planned Parenthood on Thursday sued to block a sweeping new Kentucky law that

Search URL Search Domain Scan URL

URL: http://news.hi.ru/markets
Title: Markets

Search URL Search Domain Scan URL

URL: http://news.hi.ru/markets/241220
Title: Shanghai turns residences into COVID isolation facilities, sparking protest

Search URL Search Domain Scan URL

URL: http://news.hi.ru/markets/241221
Title: Japan to boost investment role in upstream LNG projects

Search URL Search Domain Scan URL

URL: http://news.hi.ru/markets/241219
Title: In latest gaming crackdown, China bans livestreaming of unauthorised titles

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sports
Title: Sports

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sports/241199
Title: China's broadcasting regulator to ban livestreaming of videogames without approval 15.04.2022, 4:43 SHANGHAI, April 15 - China's broadcasting regulator said on Friday it will ban livestreaming of unauthorised videogames.Online streaming platforms are strictly prohibited from broadcasting games that violate

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sports/241198
Title: Former Masters, British Open runner-up Newton dies aged 72 15.04.2022, 4:40 April 15 - Former Masters and British Open runner-up Jack Newton has died aged 72, his family said on Friday.The

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sports/241155
Title: DeChambeau undergoes wrist surgery, likely to miss PGA Championship 15.04.2022, 4:18 April 14 - Bryson DeChambeau said on Thursday he has had surgery on his left wrist and expects to return to

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sports/241156
Title: NBA playoffs tip off with intriguing first-round clashes 15.04.2022, 2:32 LOS ANGELES, April 14 - The NBA playoffs are wide open this year and will start with a bang on Saturday as 16 teams

Search URL Search Domain Scan URL

URL: http://news.hi.ru/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: http://news.hi.ru/lifestyle/241126
Title: UK rock band The Who back on tour after COVID cancellations

Search URL Search Domain Scan URL

URL: http://news.hi.ru/lifestyle/241037
Title: Bollywood stars Bhatt and Kapoor marry

Search URL Search Domain Scan URL

URL: http://news.hi.ru/lifestyle/241036
Title: Zombies will once again kick off Cannes Film Festival

Search URL Search Domain Scan URL

URL: http://news.hi.ru/lifestyle/240927
Title: Letizia Battaglia, pioneer photographer who defied the Mafia, dead at 87

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology
Title: Technology

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/241140
Title: U.S. ties North Korean hacker group Lazarus to huge cryptocurrency theft

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/241020
Title: Amazon CEO says not adding cryptocurrency as payment option anytime soon

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/240911
Title: German software maker SAP mulls withdrawal from Russia -Handelsblatt

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/241019
Title: Elon Musk makes $43 billion cash takeover offer for Twitter

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/240910
Title: Russian watchdog says Google faces fines over content on YouTube

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/240966
Title: Poland's CD Projekt postpones Witcher 3 next-generation release

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/240853
Title: TSMC sees Q2 sales surge; says chip capacity to stay tight this year

Search URL Search Domain Scan URL

URL: http://news.hi.ru/technology/240800
Title: TSMC's Q1 profit up 45%, beats market estimates

Search URL Search Domain Scan URL

URL: https://id.hi.ru/reg
Title: Create account

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=457182&creativeid=1231797&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=457608&creativeid=1234000&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=467396&creativeid=1268367&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=474902&creativeid=1292486&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241149
Title: Musk's Twitter play sparks concerns about distraction, stock sales at Tesla

Search URL Search Domain Scan URL

URL: http://news.hi.ru/business/241196
Title: Subaru says suspends shipment of some models over engine sensor malfunction

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/
Title: О проекте

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/adv
Title: Реклама

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/contact
Title: Контакты

Search URL Search Domain Scan URL

URL: https://vk.com/hi_ru_official

Search URL Search Domain Scan URL

URL: https://ok.ru/hi.ru.official

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/vk.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/fb.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/ok.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/google.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/mailru.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/twitter.php

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hi.ru/?dk71 HTTP 301
https://hi.ru/?dk71 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi.ru/%3Fdk71;0.5992946871908735 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fdk71;0.5992946871908735

Request Chain 58

https://www.tns-counter.ru/V13a***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/604918659 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/604918659

Request Chain 63

https://sb.scorecardresearch.com/b?c1=2&c2=20651854&ns__t=1651170936938&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fdk71&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1651170936938&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fdk71&c9=

Request Chain 64

https://gum.criteo.com/sid/json?origin=publishertag&domain=hi.ru&sn=ChromeSyncframe&so=0&topUrl=hi.ru&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aRFqXXw5ZEgzV3hYdHFNTU9NSDZiTzBnU241b2xGL0JjQmJDY3dRS2tYMmZmV0RFUW4wWHVVelhidmZRZzQ2WFgxR0h4RnhQYmhYdUhRMTA0Z1JLNStKdnVnMjg0Skl4TExsRzlMSjJRWlg4L01RYUxxb3l0WUF5TmYya2dvVUN0NTBEcHhpVFZ0V2xySmxkaFUvN0RJOWxHQm1abURCTitmbnBEenAwZmUzYXcrY2s1ZlgyRVpPbGdhWFd3Qzg2VzdCNjQxNHlZMnpmRVM5eFhvYWxRYXR6U1NLZjFua3RicmlORU5TVW9kY3Q1bGZXc0pjTUpTYk8zUkwzbGw5ajNlSDJPZVFKeXpKcmJBQWFTUHNHNFZzQUdZUT09fA&cppv=2

Request Chain 73

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9622.2hls_B2W8qO1-xTaG2I__kQBet-O_Ld4A0SctKmsoLmGh15l0HcJAjTfvazv0Qja.XvO6KKzunuxwLeLNFTg1N5-bVtU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9622.y3hrQ8COnVpFQaJSUPvGHxRj7iGh6hhHg2lGg8w9nH35BuhEyBOZe9HwBopon3bg-cnObLpJbR_UD2-j9FXYPg%2C%2C.8_-Ieu7ucdtqzSazSwpClFVTAUU%2C

Request Chain 83

https://mc.yandex.com/watch/27131102?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fdk71&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A532%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A186563558746%3Ahid%3A615647932%3Az%3A0%3Ai%3A20220428183537%3Aet%3A1651170937%3Ac%3A1%3Arn%3A358561774%3Arqn%3A1%3Au%3A1651170937689745842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651170936161%3Ads%3A0%2C89%2C75%2C42%2C141%2C0%2C%2C302%2C21%2C%2C%2C%2C650%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651170937%3At%3AHi.ru&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fdk71&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A532%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A186563558746%3Ahid%3A615647932%3Az%3A0%3Ai%3A20220428183537%3Aet%3A1651170937%3Ac%3A1%3Arn%3A358561774%3Arqn%3A1%3Au%3A1651170937689745842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651170936161%3Ads%3A0%2C89%2C75%2C42%2C141%2C0%2C%2C302%2C21%2C%2C%2C%2C650%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651170937%3At%3AHi.ru&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 118

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC31PHYRhCABBiABDIICjxqqdEjz2U HTTP 301
https://tpc.googlesyndication.com/simgad/16601714642090414425

Request Chain 149

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnv4vBZRC4CBi4CDII4DoeR-ZWoHo HTTP 301
https://tpc.googlesyndication.com/simgad/11603551136329321101

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 164

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

175 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hi.ru/
Redirect Chain

http://hi.ru/?dk71
https://hi.ru/?dk71

101 KB
26 KB

164ms
75ms

Document
text/html

2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 1b3f1307c94bfadfd1c7dcc29a453044343e0752c2af029a381d1fcd251537a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:35:36 GMT
expires: Thu, 28 Apr 2022 18:35:36 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 28 Apr 2022 18:35:36 GMT
Keep-Alive: timeout=10
Location: https://hi.ru/?dk71
Server: nginx

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 17:52:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 18:35:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 18:35:36 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
hi.ru/js/ 91 KB
32 KB 61ms
60ms Script
application/javascript 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/js/jquery-1.10.2.min.js
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
last-modified: Thu, 20 Nov 2014 15:26:10 GMT
server: nginx
etag: W/"546e0812-16bb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 main.css
hi.ru/assets/ 92 KB
14 KB 49ms
48ms Stylesheet
text/css 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/main.css
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: eaf394f0cf1614e22d265d916398cc14562c0bfa73a6f90af26e068dd76e4dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2017 12:02:09 GMT
server: nginx
etag: W/"591d8d41-16e60"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 widget.css
hi.ru/assets/ 2 KB
964 B 92ms
91ms Stylesheet
text/css 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/widget.css
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 390cdd2401b8a6d820152f5d1c9c0070833f95a983b81b988498bb14daf99c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:07:58 GMT
server: nginx
etag: W/"5893595e-9d0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
42 KB 73ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:06 GMT
server: nginx
etag: W/"624c3cde-1feac"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi.ru/%3Fdk71;0.5992946871908735
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fdk71;0.5992946871908735

43 B
528 B

45ms
45ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fdk71;0.5992946871908735

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Apr 2022 18:35:57 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 27 Apr 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Apr 2022 18:35:57 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fdk71;0.5992946871908735
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 27 Apr 2021 21:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
55 KB 181ms
94ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702b8390fe80c41ae67692aa5301029776ba38b9eb47627b4beb80140a3e7c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56247
x-xss-protection: 0
server: cafe
etag: 10653213720377239296
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 18:35:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 121ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 157829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:07 GMT

GET
H2 200 WorldofWater.woff
hi.ru/fonts/ 18 KB
19 KB 43ms
43ms Font
application/font-woff 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/fonts/WorldofWater.woff
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b663358d262151aebf082f699b672c1c44e5e1ed122b6bcf03a461345d0673ae

Request headers

Referer: https://hi.ru/assets/main.css
Origin: https://hi.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:44:52 GMT
server: nginx
etag: "589353f4-4978"
content-type: application/font-woff
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18808
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
55 KB 153ms
68ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5798867249887033

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4633b000a57178748fdc54a33a0eb08bde60ec897f63c806427efec8bef16750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Origin: https://hi.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56233
x-xss-protection: 0
server: cafe
etag: 8046007545981026297
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 18:35:36 GMT

GET
H2 200 165117060265284.jpg
photoshosting.ru/ 8 KB
8 KB 136ms
46ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060265284.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: bc2fd01167fcee19414a5fb07b892b1175c6e5a38a0aa4f8c0715f004f22c705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1f76-5ddbb1dbbc0ba"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8054
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060238605.jpg
photoshosting.ru/ 7 KB
8 KB 176ms
86ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060238605.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: c76f60784589a5b5378af6606e077932f5182371cb7115a8583deb347f6344cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1d33-5ddbb1dbbe7ca"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7475
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060286529.jpg
photoshosting.ru/ 10 KB
10 KB 175ms
85ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060286529.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: d75810d6ba7cb87c7257f9cd72cccfe69ea7dca7d39b2acd266d0b186a8fcef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "282c-5ddbb1dbc0eda"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10284
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060350277.jpg
photoshosting.ru/ 16 KB
16 KB 175ms
85ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060350277.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: d7a1b661d19a9b11aba066c4146e15fa1e724dcaa9f4ff164e7f24cef5b63263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "40b8-5ddbb1dbc5cfa"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16568
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060349663.jpg
photoshosting.ru/ 5 KB
5 KB 168ms
79ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060349663.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 68848fef67aea0136af0499b7d604728751b9c96f56254bc6f050370009f6593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1410-5ddbb1dbc840a"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5136
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060326955.jpg
photoshosting.ru/ 8 KB
8 KB 248ms
159ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060326955.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 6c41b871bc27660cec45b412372cd5df1110975abced3877f6a2dcb0bc881268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "2037-5ddbb1dbcd22a"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8247
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060332475.jpg
photoshosting.ru/ 7 KB
8 KB 155ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060332475.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: f14cc3c3c62d09957046d22335aa78b5c20d7f39c40c40b238d70ec030cb0695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1de3-5ddbb1dbcf93a"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7651
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060379119.jpg
photoshosting.ru/ 9 KB
9 KB 154ms
152ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060379119.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 562c8647832e42da63833d8174e1ec410d38dae61bd3530adb0842fd8dcee52a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "2423-5ddbb1dbd204a"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9251
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060479260.jpg
photoshosting.ru/ 16 KB
17 KB 155ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060479260.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 7a322e142b8ed9d9398196dfaba0432af9696eaa9b6badb7a3dab329c0c2e006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "41ef-5ddbb1dbf6a39"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16879
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060452899.jpg
photoshosting.ru/ 15 KB
15 KB 155ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060452899.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: f8c83543d8aaef23c212b89c9080d6acf87b5d28da8429f331103e9e42b52a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "3a31-5ddbb1dbf9149"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14897
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060438821.jpg
photoshosting.ru/ 18 KB
18 KB 155ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060438821.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 36578b5317ca4881cd7a449cf55e81802c475c5e0f8bd340d626ff2fd0dee934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "471d-5ddbb1dbfb859"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 18205
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060592232.jpg
photoshosting.ru/ 15 KB
15 KB 156ms
154ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060592232.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8a1caca497de67c1bdb0d83a06eaf651b0c6edeecfaa517d04c77f2f8409a261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "3bc7-5ddbb1dbfdf69"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15303
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060571062.jpg
photoshosting.ru/ 9 KB
10 KB 156ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060571062.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 237919195dd355f07e07a3c64030823ac6f70f546580c8bb89ea4c2e1e390162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "2530-5ddbb1dbfdf69"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9520
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060528353.jpg
photoshosting.ru/ 7 KB
7 KB 157ms
156ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060528353.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: f3019613f2070bb17e1538692efffbf92a8b043c7e4aa28410c679ded13e9950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1b65-5ddbb1dc00678"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7013
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060562519.jpg
photoshosting.ru/ 9 KB
10 KB 157ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060562519.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 237919195dd355f07e07a3c64030823ac6f70f546580c8bb89ea4c2e1e390162

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "2530-5ddbb1dc02d88"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9520
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060612853.jpg
photoshosting.ru/ 28 KB
29 KB 157ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060612853.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 0a3da478265d4b43471d4c54927721e47ca7676bae8b4868fdc6ce2b1981766c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "7116-5ddbb1dc0c9c8"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 28950
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060649436.jpg
photoshosting.ru/ 5 KB
5 KB 155ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060649436.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 16b45eeec033b3b46d01394d903670209c524a4d29afcea2729640a4391640d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "12b7-5ddbb1dc0c9c8"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4791
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060645344.jpg
photoshosting.ru/ 3 KB
3 KB 157ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060645344.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 71df592ddaf04982d08012e16b8a951b4f5e0d39af55107da331c7a66d368202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "b77-5ddbb1dc0f0d8"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2935
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060619847.jpg
photoshosting.ru/ 4 KB
4 KB 156ms
154ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060619847.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: fc870acad62df2770116c47e988461f99e0ec7f925ab770576d64e95310d4895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "fb3-5ddbb1dc0f0d8"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4019
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060742105.jpg
photoshosting.ru/ 45 KB
45 KB 156ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060742105.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8ce115cb1f81d260212fb53e3d67f0802b18cf9a3c0b69fbbb0400b2d5688dcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "b2d8-5ddbb1dc16608"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 45784
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H/1.1 200
OK textad_async_v100.pack.js Show response
server.cpmstar.com/cached/js/ 4 KB
2 KB 381ms
98ms Script
application/javascript 198.24.171.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/cached/js/textad_async_v100.pack.js
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.171.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7a43a6dd7dbbb0103a0968e7efa25d85a0c1b6951d558fa7d3a93f2b7e07aa42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 18:35:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jul 2021 23:04:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0c52fbdcd79d71:0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1230

GET
H2 200 165117060135026.jpg
photoshosting.ru/ 64 KB
64 KB 174ms
119ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060135026.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: db37357b99b2f88c24b2cb5ebff4397b588ee189dec457314aa0d19b6a921750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:10 GMT
server: Apache
etag: "fece-5ddbb1dbafd6b"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 65230
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060163410.jpg
photoshosting.ru/ 57 KB
58 KB 174ms
119ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060163410.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 5ef9d4580377431e258ae8bbf2a5a6d17b6e99e6099b490ba6fd3a14a43a27b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:10 GMT
server: Apache
etag: "e57a-5ddbb1dbb4b8b"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58746
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060269598.jpg
photoshosting.ru/ 67 KB
67 KB 157ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060269598.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: c7f97522c25b5d93efc2e3df6843abd556eb2af8d30fc6a0d6adc2913bedab72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "10c23-5ddbb1dbb99aa"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 68643
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 calendar.png
hi.ru/img/ 1 KB
1 KB 43ms
43ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/calendar.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b0444809862b2227d687d9248c429aff81d18fd75a872fd7712e1402e2305f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-468"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1128
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 nav.png
hi.ru/img/ 1 KB
2 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/nav.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 26de7ddc151567db6158dbb2e730c21f7bdb291354b1a88a9e4123cb6ec455b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-54b"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1355
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 mail-box-arrow.png
hi.ru/img/ 1 KB
1 KB 43ms
43ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/mail-box-arrow.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3ed14ffcf48a4f46614b93bb468c59b4a04917a0997f3db67bf5aede6cd09ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-410"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1040
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 165117060995511.jpg
photoshosting.ru/ 15 KB
15 KB 140ms
86ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060995511.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 2ce27e2aa806866926a4425b7aa4c3782ec1b7fcc5abf46ba57aec9a79e6e01b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "3aa7-5ddbb1dc1db38"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15015
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060943345.jpg
photoshosting.ru/ 12 KB
12 KB 155ms
154ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060943345.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: bf5329597d63288354d65b448d93b157a666ce8ed88db089099508403a321b44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "302e-5ddbb1dc20248"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12334
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060972795.jpg
photoshosting.ru/ 12 KB
13 KB 157ms
155ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060972795.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8283aab3751f2c827dd3ea680a6fd9de836f5ca2c31f83b7b81948bb47354847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "319a-5ddbb1dc22957"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12698
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 icomoon.ttf
hi.ru/fonts/ 6 KB
7 KB 47ms
47ms Font
application/octet-stream 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/fonts/icomoon.ttf?ize68d
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 6f9c80a5f214df00adb0ee7f714a44c3a472f52e7dbe66bf740eb4344b21c26f

Request headers

Referer: https://hi.ru/assets/main.css
Origin: https://hi.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:44:52 GMT
server: Apache
etag: "197c-5478e0bcfc930"
cache-control: max-age=0
accept-ranges: bytes
content-length: 6524
expires: Thu, 28 Apr 2022 18:35:36 GMT

GET
H2 200 s-vk.png
hi.ru/img/ 2 KB
2 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-vk.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: dabba4011fb5c6cb64e46386a598022f8cdaaa6370c5d3e81e253585d9541b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-66e"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1646
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 s-ok.png
hi.ru/img/ 2 KB
2 KB 44ms
42ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-ok.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8763c7cee404235584c03d712187e2aac4355da9b405f1fc406af91ae15e873a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-6d6"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1750
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 vk.png
hi.ru/img/s/ 1 KB
1 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/vk.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: d8738f1a40f1f64f8561fe5924e4fb9134be21eeaa73c7f0adae5df353294ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-50d"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1293
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 fb.png
hi.ru/img/s/ 1 KB
1 KB 44ms
42ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/fb.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 704fb2fb51023c7f361e779a1448e30de7b2c347652e359aec3f71b1156abdc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-49f"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1183
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 ok.png
hi.ru/img/s/ 1 KB
2 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/ok.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 64fedf0f1f511c637ed27216292fed7ff26dfa03c4215cf2d6a37344d03f6001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-5ae"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1454
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 gp.png
hi.ru/img/s/ 1 KB
2 KB 54ms
53ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/gp.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: d5d8dc69aa87c483b4fe658a37d73a8492c874eabbac539b90f7101c4458ec4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-5b3"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1459
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 ma.png
hi.ru/img/s/ 2 KB
2 KB 55ms
54ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/ma.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6430a5609cdd61e8ec8b87c2f32a4b8010a93fca76e4737387673b788afd9a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-732"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1842
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 tw.png
hi.ru/img/s/ 1 KB
2 KB 59ms
59ms Image
image/png 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/tw.png
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e14245edb66438db8f4b062f463e708132f41762649ddb809dddb5c9f8eb9987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-59f"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1439
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 main.js Show response
hi.ru/assets/ 526 KB
118 KB 59ms
59ms Script
application/javascript 2a00:15f8:a000:5:1:13:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/main.js
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: bd49298c921b316356e1457a8ff2a9f19c0d069415e8a014f1d6ea6511000787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/?dk71
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2017 13:28:36 GMT
server: nginx
etag: W/"595b9804-836e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2 200 165117060985737.jpg
photoshosting.ru/ 8 KB
8 KB 155ms
154ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060985737.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 771a8df08ab326e0c366a4ad70196a6cb3b5aa69ba88087ebe6575a820f5c4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1f49-5ddbb1dc25067"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8009
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060932124.jpg
photoshosting.ru/ 7 KB
7 KB 154ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060932124.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 40d37233bcabfe2025c0f2b9bc696601d0ffa6bc2506cafaf6f15ec17f7680cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1ce4-5ddbb1dc25067"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7396
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117060965712.jpg
photoshosting.ru/ 10 KB
10 KB 154ms
152ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117060965712.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 0526252d7878f9bb9d524a541b0ec7c7d8ce6172f96eb710186a8ecd58779e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "278c-5ddbb1dc27777"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10124
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117061023609.jpg
photoshosting.ru/ 8 KB
9 KB 154ms
153ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117061023609.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 5ac7e8dcab9f9e858693da31089419acea6de3d6fd82f2e5305d5b40d1fd0c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "216b-5ddbb1dc29e87"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8555
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117061082691.jpg
photoshosting.ru/ 7 KB
7 KB 155ms
154ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117061082691.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 0a7640cd3cf881dce6296eaf2b44a56d4c733f2b9302f525bfc0adf6b40b1364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "1bb0-5ddbb1dc2c597"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7088
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 165117061051308.jpg
photoshosting.ru/ 6 KB
6 KB 156ms
154ms Image
image/jpeg 2a00:15f8:a000:5:1:13:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/165117061051308.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:15f8:a000:5:1:13:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 482b62a55fc2f636a96ef2698106b7a1b9ea5dee55c70340e46a2acbecc9f802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
last-modified: Thu, 28 Apr 2022 18:30:11 GMT
server: Apache
etag: "18ee-5ddbb1dc2c597"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6382
expires: Fri, 29 Apr 2022 18:35:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 119ms
92ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 157679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:47:37 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 165ms
55ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-c59f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50591
expires: Thu, 28 Apr 2022 19:35:36 GMT

GET
H2

200

604918659
www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/604918659
https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/604918659

43 B
297 B

41ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/604918659
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:36 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/604918659
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 38ms
10ms Script
application/javascript 13.225.80.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 03:22:40 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 54778
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fH53aI_ifANKPHuqEH7cS6_vSXAXBYofexlDjqVLQ3uCMsfG9_wWFg==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FEE7 14 KB
6 KB 46ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hi.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5883
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:36 GMT
server-processing-duration-in-ticks: 1807
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 308 KB
110 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5798867249887033&plah=hi.ru&bust=31067267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5798867249887033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317b461d0bd86c4b065aa35ce25d53c57ac4b80649e7bc5bd7e310b653455cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112825
x-xss-protection: 0
server: cafe
etag: 9932149670956657995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 18:35:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame C1F1 10 KB
5 KB 138ms
36ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5798867249887033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 22:58:53 GMT
etag: 3347421328414474149
expires: Wed, 11 May 2022 22:58:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20651854&ns__t=1651170936938&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fdk71&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1651170936938&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fdk71&c9=

0
189 B

18ms
18ms

Image
text/plain

13.225.80.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1651170936938&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fdk71&c9=
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Server: 13.225.80.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-90.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 4rOUBEzI4TpTeXWunRqj1zch_kSzUZTo0xwehVuS5tm8-5IubIkB8Q==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=20651854&ns__t=1651170936938&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fdk71&c9=
date: Thu, 28 Apr 2022 18:35:36 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
content-length: 0
x-amz-cf-id: A4N0Rvef5ZsljRbKFmAVbN5dzGfZpux9vqsf-Ep9OnFbADE9KBkRGA==
x-cache: Miss from cloudfront

GET
H2

200

sid Show response
mug.criteo.com/ Frame FEE7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=hi.ru&sn=ChromeSyncframe&so=0&topUrl=hi.ru&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=aRFqXXw5ZEgzV3hYdHFNTU9NSDZiTzBnU241b2xGL0JjQmJDY3dRS2tYMmZmV0RFUW4wWHVVelhidmZRZzQ2WFgxR0h4RnhQYmhYdUhRMTA0Z1JLNStKdnVnMjg0Skl4TExsRzlMSjJRWlg4L01RYUxxb3l0WUF5TmYya2...

436 B
637 B

58ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aRFqXXw5ZEgzV3hYdHFNTU9NSDZiTzBnU241b2xGL0JjQmJDY3dRS2tYMmZmV0RFUW4wWHVVelhidmZRZzQ2WFgxR0h4RnhQYmhYdUhRMTA0Z1JLNStKdnVnMjg0Skl4TExsRzlMSjJRWlg4L01RYUxxb3l0WUF5TmYya2dvVUN0NTBEcHhpVFZ0V2xySmxkaFUvN0RJOWxHQm1abURCTitmbnBEenAwZmUzYXcrY2s1ZlgyRVpPbGdhWFd3Qzg2VzdCNjQxNHlZMnpmRVM5eFhvYWxRYXR6U1NLZjFua3RicmlORU5TVW9kY3Q1bGZXc0pjTUpTYk8zUkwzbGw5ajNlSDJPZVFKeXpKcmJBQWFTUHNHNFZzQUdZUT09fA&cppv=2

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5a05e6d038288b5d2f739c4456e42feec453ce2c360c3865c1b927b743cb070c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:36 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4404
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:36 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=aRFqXXw5ZEgzV3hYdHFNTU9NSDZiTzBnU241b2xGL0JjQmJDY3dRS2tYMmZmV0RFUW4wWHVVelhidmZRZzQ2WFgxR0h4RnhQYmhYdUhRMTA0Z1JLNStKdnVnMjg0Skl4TExsRzlMSjJRWlg4L01RYUxxb3l0WUF5TmYya2dvVUN0NTBEcHhpVFZ0V2xySmxkaFUvN0RJOWxHQm1abURCTitmbnBEenAwZmUzYXcrY2s1ZlgyRVpPbGdhWFd3Qzg2VzdCNjQxNHlZMnpmRVM5eFhvYWxRYXR6U1NLZjFua3RicmlORU5TVW9kY3Q1bGZXc0pjTUpTYk8zUkwzbGw5ajNlSDJPZVFKeXpKcmJBQWFTUHNHNFZzQUdZUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1472
content-length: 541
expires: 0

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 7 KB
8 KB 96ms
96ms Script
application/javascript 198.24.171.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=74084&multi=4&json=nc_editorial&callback=this.cpmstar_dynamic_editorials.editorial_1.callback&rnd=455831
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/js/textad_async_v100.pack.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.171.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ed3158b25b965ab134116233f4d5ddf6cb52e22cf78991e830034876dc000fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Apr 2022 18:35:36 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
640 B 153ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hi.ru&callback=_gfp_s_&client=ca-pub-5798867249887033

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5798867249887033&plah=hi.ru&bust=31067267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cf7ab809469e1943792c234faaeac7e264083f64b7137afca63060bb42ccd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 126ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4E7 96 KB
33 KB 375ms
375ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1651170937&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936912&bpp=3&bdt=442&idt=139&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2778747416728&frm=20&pv=2&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=156

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c4e53480a4d98a04e2642b4cf2743d3f6b22eecd306c2d97f55d720a28ae99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6186 125 KB
34 KB 757ms
683ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1651170937&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936915&bpp=2&bdt=445&idt=164&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hMOxh8gjH9&p=https%3A//hi.ru&dtd=168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f6f0a9547cee5ee6766c2806e4583bb4cdbb750fe01695f7a1c8f3bb726f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34676
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3199 87 KB
31 KB 577ms
515ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9527626459&adk=2075745809&adf=2740756486&pi=t.ma~as.9527626459&w=728&lmt=1651170937&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936917&bpp=1&bdt=446&idt=176&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AKm3SRM4m&p=https%3A//hi.ru&dtd=179

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5a86d2d0add1b7b19d91569241c893ff74207e9331c30cf17c0edb58616bcbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C8C 79 KB
30 KB 681ms
624ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936918&bpp=1&bdt=447&idt=181&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=pRwnXU70Rh&p=https%3A//hi.ru&dtd=183

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc91eb00e7afb85db42a8ec06c717b95f238ecc8f11d3732a8dbe0b119fd4b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9622.2hls_B2W8qO1-xTaG2I__kQBet-O_Ld4A0SctKmsoLmGh15l0HcJAjTfvazv0Qja.XvO6KKzunuxwLeLNFTg1N5-bVtU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9622.y3hrQ8COnVpFQaJSUPvGHxRj7iGh6hhHg2lGg8w9nH35BuhEyBOZe9HwBopon3bg-cnObLpJbR_UD2-j9FXYPg%2C%2C.8_-Ieu7ucdtqzSazSwpClFVTAUU%2C

75 B
75 B

61ms
61ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9622.y3hrQ8COnVpFQaJSUPvGHxRj7iGh6hhHg2lGg8w9nH35BuhEyBOZe9HwBopon3bg-cnObLpJbR_UD2-j9FXYPg%2C%2C.8_-Ieu7ucdtqzSazSwpClFVTAUU%2C

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9622.y3hrQ8COnVpFQaJSUPvGHxRj7iGh6hhHg2lGg8w9nH35BuhEyBOZe9HwBopon3bg-cnObLpJbR_UD2-j9FXYPg%2C%2C.8_-Ieu7ucdtqzSazSwpClFVTAUU%2C
date: Thu, 28 Apr 2022 18:35:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25CE 71 KB
28 KB 506ms
477ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1063504499&pi=t.ma~as.3250614562&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936919&bpp=1&bdt=449&idt=207&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=THfcNNAVPW&p=https%3A//hi.ru&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f47b516f11e7752eb39c35091f65e79c441aeb5863ba85c07a5ac8a4a584a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 55ms
54ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 28 Apr 2022 19:35:37 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6E2 430 B
230 B 474ms
452ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=2947970980&pi=t.ma~as.2268705386&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936920&bpp=1&bdt=450&idt=213&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=1952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=utFZ5E0WmZ&p=https%3A//hi.ru&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

105357ce9b607d12556586f27255cb8632918db26897feb64a2848139b64ebf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D94A 430 B
231 B 512ms
499ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=928089046&pi=t.ma~as.2268705386&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=221&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=3018&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=4vKjnTMYzX&p=https%3A//hi.ru&dtd=224

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e29ba5bcb925f63c259060b23e20f974e7e51b71a17f170bdbd5f28146257c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Elevnar_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1231797/ 8 KB
9 KB 45ms
9ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1231797/Elevnar_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC9) /
Resource Hash: 5148c8315cf1cf66097546e3aa542f356692976551432229797d6aa1bd4a016b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Wed, 27 Apr 2022 19:17:40 GMT
server: ECAcc (frc/8FC9)
age: 83877
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1231797_Elevnar_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 8594
expires: Fri, 29 Apr 2022 18:35:38 GMT

GET
H2 200 Eternal_Fury_Banner_05_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1234000/ 10 KB
11 KB 46ms
9ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1234000/Eternal_Fury_Banner_05_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8B) /
Resource Hash: d09dedeba8fb4802437aeb27cd9148200f1ca17dd0c699bf7b85a0fd0ae97669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Thu, 28 Apr 2022 01:29:37 GMT
server: ECAcc (frc/8E8B)
age: 61560
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1234000_Eternal_Fury_Banner_05_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 10737
expires: Fri, 29 Apr 2022 18:35:37 GMT

GET
H2 200 Splitgate_Arena_Warfare_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1268367/ 8 KB
8 KB 46ms
10ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1268367/Splitgate_Arena_Warfare_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F76) /
Resource Hash: 376f2619fadaec161771f2d7a74dfe534c30b5a4c4f1ca354eb71ab3da5edf70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Thu, 28 Apr 2022 04:46:32 GMT
server: ECAcc (frc/8F76)
age: 49745
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1268367_Splitgate_Arena_Warfare_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 8492
expires: Fri, 29 Apr 2022 18:35:37 GMT

GET
H2 200 image191x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1292486/ 5 KB
5 KB 49ms
13ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1292486/image191x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?dk71
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0E) /
Resource Hash: f02139163617044138bb3e847904ac970786b7e8ed8ac49d959563ad36d7b1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Thu, 28 Apr 2022 07:21:50 GMT
server: ECAcc (frc/8F0E)
age: 40427
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1292486_image191x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 4676
expires: Fri, 29 Apr 2022 18:35:37 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82E1 71 KB
28 KB 459ms
453ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=3576718405&pi=t.ma~as.8450970356&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=227&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gQdlKCdXXq&p=https%3A//hi.ru&dtd=230

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce34a1dfa24de6e0b6d86dc36610fe7613e094eb7f8e839a8ce42c3a56812356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28933
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:37 GMT
expires: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/27131102/
Redirect Chain

https://mc.yandex.com/watch/27131102?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fdk71&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A532%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fdk71&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A532%3Afu%3A0%3Aen%3Autf-8%3Ala...

338 B
420 B

58ms
58ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fdk71&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A532%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A186563558746%3Ahid%3A615647932%3Az%3A0%3Ai%3A20220428183537%3Aet%3A1651170937%3Ac%3A1%3Arn%3A358561774%3Arqn%3A1%3Au%3A1651170937689745842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651170936161%3Ads%3A0%2C89%2C75%2C42%2C141%2C0%2C%2C302%2C21%2C%2C%2C%2C650%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651170937%3At%3AHi.ru&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8b20904864b650652ae59f6e0ded5123eb77357565b84e3e2a5db7f17adadb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 28-Apr-2022 18:35:37 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Thu, 28-Apr-2022 18:35:37 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:37 GMT
last-modified: Thu, 28-Apr-2022 18:35:37 GMT
location: /watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fdk71&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A532%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A186563558746%3Ahid%3A615647932%3Az%3A0%3Ai%3A20220428183537%3Aet%3A1651170937%3Ac%3A1%3Arn%3A358561774%3Arqn%3A1%3Au%3A1651170937689745842%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651170936161%3Ads%3A0%2C89%2C75%2C42%2C141%2C0%2C%2C302%2C21%2C%2C%2C%2C650%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651170937%3At%3AHi.ru&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hi.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 28-Apr-2022 18:35:37 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/ 145 KB
52 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204210101/reactive_library_fy2019.js?bust=31067267

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82854ff21edcf4766087370ed9af7dcca2cc008968c74d81d43f43fc3453ecc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52861
x-xss-protection: 0
server: cafe
etag: 14879542625252425404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 126ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 129ms
52ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame B948 10 KB
4 KB 50ms
49ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 23:36:33 GMT
etag: 3347421328414474149
expires: Wed, 11 May 2022 23:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 17285054606220595396
tpc.googlesyndication.com/simgad/ Frame 82E1 35 KB
35 KB 217ms
131ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17285054606220595396?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlYyaRhgjVVe8z_1o_TsHUuLGWvrg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=3576718405&pi=t.ma~as.8450970356&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=227&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gQdlKCdXXq&p=https%3A//hi.ru&dtd=230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5af7b85492dff8e8954e77268aa58c37949fa345eddbda75326308a5982288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 06:06:01 GMT
x-content-type-options: nosniff
age: 304176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36108
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 11:58:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 06:06:01 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 82E1 19 KB
8 KB 234ms
148ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:50 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 82E1 3 KB
1 KB 234ms
156ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:27:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82E1 120 KB
37 KB 222ms
138ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 82E1 15 KB
6 KB 230ms
151ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 82E1 30 KB
12 KB 243ms
165ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 21:31:27 GMT

GET
H2 200 14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 25CE 46 KB
46 KB 169ms
87ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1063504499&pi=t.ma~as.3250614562&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936919&bpp=1&bdt=449&idt=207&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=THfcNNAVPW&p=https%3A//hi.ru&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:59:55 GMT
x-content-type-options: nosniff
age: 171342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 18:59:55 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 25CE 19 KB
8 KB 130ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 82E1 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAtTUed5qYoSKELDLtOUPsri7iA21i_-0acnomI6EENnZHhABIOehgHpgleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBNkBT9AxjWYSyY9x39x8thEwEHe6SjeoRUh_6CsATiNwCvh-lA0AyENtKiP4kG7HpgJHC-Qmh4kYNDlnLl2ZAesjFdgxDoMal3b_rgOS94OqGi-KwxDZIzoAJ8aDVW9lu7pQEcGMzLtTqb11sGTNiGPLgyXHNFJnYieLotw_-mIuCMsjhlkVDH_Aw7hbVR1MHJ9p7WUwSTPB8dKqEaltsLSAeeLatKL5xKViHdUW8el4Zk-NdlAoNitLv39Gf6wP0_FmpXpCgOrbCfKoDFP226gK81VT6xFkGRggc8AE2aW5ue8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQg4ID0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU3OTg4NjcyNDk4ODcwMzMYAA&sigh=r-d1VLan2YY&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=3576718405&pi=t.ma~as.8450970356&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=227&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gQdlKCdXXq&p=https%3A//hi.ru&dtd=230
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 25CE 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6SoHed5qYv2KEMSHi9YP-4yziA2i58nqad-skZTkD9rZHhABIOehgHpgleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBOEBT9AuWmPs-Wvxqc7DTz7xRNVa2NxI268xnulUfYEEBU2E9BWXuxahbWXLACQcJYtPXENvPQmgZ8F4Vnh0keB1kmlNAGzUEobEB7P4nUuCu6C0O01czllY6gU3Cmp-HFMf_Mb5T0Ar54BwosOldp38rCbR95gvppHyYrrJleW8Z1advqIDc6RQsf9IIkydHGeejQ7ETt1GZNUBHte4T6w7G8TimIN82IJuCMIDhyoWQMoOFhuWxd7n9gXFQmu2FLt0HcucqC_KSwL9zk14m1gb9mEIEJQxPgKNd5JktcM73hd6wAS22sLAhwSSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCmkwfSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTc5ODg2NzI0OTg4NzAzMxgA&sigh=PnzivwKwwTs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1063504499&pi=t.ma~as.3250614562&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936919&bpp=1&bdt=449&idt=207&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=THfcNNAVPW&p=https%3A//hi.ru&dtd=209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 25CE 3 KB
1 KB 216ms
158ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:27:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25CE 120 KB
37 KB 168ms
104ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 25CE 15 KB
6 KB 212ms
154ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 25CE 30 KB
12 KB 216ms
158ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 21:31:27 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3199 2 KB
983 B 185ms
156ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9527626459&adk=2075745809&adf=2740756486&pi=t.ma~as.9527626459&w=728&lmt=1651170937&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936917&bpp=1&bdt=446&idt=176&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AKm3SRM4m&p=https%3A//hi.ru&dtd=179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:32:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 3199 19 KB
8 KB 68ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:50 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3199 3 KB
1 KB 169ms
157ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:27:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3199 120 KB
37 KB 82ms
48ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3199 15 KB
6 KB 73ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:20 GMT

GET
H2 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 3199 30 KB
13 KB 135ms
36ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 07:48:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B948 0
0 96ms
96ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmblJed5qYpauBrPCmQeO37GACeG22OhplIunxcgO-K6WmEMQASDnoYB6YJXikIKgB6ABmO7qoQPIAQKpAvJNkju9pLE-qAMByAPJBKoE2QFP0IR80sEOsfL4jzEaf1Y1YrLhN9AZzSge4llqjkTlzEBRBfA037wHkmUW6gXSI9Z5ho-53AasDrfz0BAxtCu4tmQdN0NGCPESr7pi_UMxyc7Jc7fBld3TXGbfVaoH3HzrcMhUCMmkIj-Z7ulg5QHvMNA6LXTbo-64AVqUn4qwn7hVOFwLiuUj3cV5rvU7gE3VRo2jqvaYUwz9jRCiSi-JIl1H9wjxZY8e8nX2xH2fHA1TDPtfmpiRUqCIrDrCJho4jJWv5NhJMBVMTZgZHVbzp7q66MIb4L-cwASNgPG-2AOSBQQIBBgBkgUECAUYBKAGAoAH0JGVXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMLQBtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01Nzk4ODY3MjQ5ODg3MDMzGAA&sigh=ui3NsY5sgR0&uach_m=[UACH]

Requested by

Host: hi.ru
URL: https://hi.ru/?dk71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame B948 19 KB
8 KB 106ms
85ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:50 GMT

GET
H2 200 13235931984719174256
tpc.googlesyndication.com/daca_images/simgad/ Frame B948 22 KB
23 KB 140ms
120ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13235931984719174256

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b23582d69ed4bdeb85c18ca2c5338310b008e869c81b9c705d7ecbab439048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 12:47:39 GMT
x-content-type-options: nosniff
age: 280078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22889
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 12:03:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 12:47:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame B948 3 KB
1 KB 176ms
157ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:27:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B948 120 KB
37 KB 117ms
92ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame B948 15 KB
6 KB 94ms
75ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame B948 30 KB
12 KB 180ms
161ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 21:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 21:31:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3199 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmWiOed5qYqeBEN2BtOUPy4ae4ArxvdO5aYy_1ob2DqDpu8H0ChABIOehgHpgleKQgqAHoAGkpa_FA8gBCakCtw_c8CAbgT6oAwHIA8sEqgTkAU_QFg31ipGnwSi3NKRT4Z0etJR7StGcw465IkslmZm4cMPF-QD3ZLVs2CdgMDu4KyPoL2yG2W7QUQl210HSNnGdt8fcDp8vUgFoBETzTntFp-rtdB-EJLpSsI_FA1WE42P8PLsY_sqb5611LKzUoxBCisYzBsCnvJckTImgtjSZKY1upYeiN2kAd7vtbnjvi1CzE3W2oPsE5twVZAvrqHYqapOozYqrW37XVBQOl7ICgS2BkL1LOHMbY0fN2VvdOASw5nKXu3t2RdL-e7dw0Lk-KXZ17piUBkR7lShzrfsae4XuPMAEy6r9vJADkgUECAQYAZIFBAgFGASgBi6AB8Ta0DqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQm9ID0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTU3OTg4NjcyNDk4ODcwMzMYAA&sigh=8f83_Au8Nvw&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9527626459&adk=2075745809&adf=2740756486&pi=t.ma~as.9527626459&w=728&lmt=1651170937&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936917&bpp=1&bdt=446&idt=176&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=2AKm3SRM4m&p=https%3A//hi.ru&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H2 200 15664814556173251755_8373974951883021857.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 3199 12 KB
12 KB 142ms
40ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/15664814556173251755_8373974951883021857.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c31274b319c464f0d86b58d1589a8023cc623e4697b2b049b91f5f935f0abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:49:42 GMT
x-content-type-options: nosniff
age: 110755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 04:23:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 11:49:42 GMT

GET
H2 200 7406109576792706556_7006697534128556633.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 3199 11 KB
11 KB 149ms
47ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/7406109576792706556_7006697534128556633.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f487f1311f2396de22a5f3f382f5f67a6b1525b20cc1dc852a3b9375f1b9e6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 05:33:49 GMT
x-content-type-options: nosniff
age: 219708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11636
x-xss-protection: 0
last-modified: Sun, 18 Nov 2018 16:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 05:33:49 GMT

GET
H3

200

16601714642090414425
tpc.googlesyndication.com/simgad/ Frame 3199
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC31PHYRhCABBiABDIICjxqqdEjz2U
https://tpc.googlesyndication.com/simgad/16601714642090414425

95 KB
95 KB

37ms
37ms

Image
image/jpeg

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16601714642090414425

Requested by

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f819cc09a49486b4aaf3139951e60601106f0909ab6a0bacad1f7af5d504a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 171348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97641
x-xss-protection: 0
last-modified: Sat, 15 Aug 2020 18:33:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 18:59:49 GMT

Redirect headers

date: Wed, 27 Apr 2022 19:30:36 GMT
x-content-type-options: nosniff
server: cafe
age: 83101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/16601714642090414425
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 27 May 2022 19:30:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2C8C 6 KB
670 B 131ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936918&bpp=1&bdt=447&idt=181&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=pRwnXU70Rh&p=https%3A//hi.ru&dtd=183

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 17:33:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 18:35:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2C8C 2 KB
904 B 162ms
82ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:32:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 2C8C 19 KB
8 KB 126ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2C8C 3 KB
1 KB 114ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:32:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C8C 120 KB
36 KB 156ms
70ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 2C8C 15 KB
6 KB 131ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:20 GMT

GET
H2 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 2C8C 30 KB
12 KB 58ms
44ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 07:48:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C8C 0
0 91ms
88ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwY1Hed5qYpyCENPftOUPvq6LsATYu7_UaLe39cTKD8GEwPz6ARABIOehgHpgleKQgqAHoAHd3-vLA8gBCakCh9CXelu-pz6oAwHIA8sEqgTgAU_QsAk1hkEFAw_957HmC7pER1XliNf02dp1mtvsHyF-0sjmxuI3YLaBh0ix2gOd_j00FNhygMwz70guBinhscIMUAGIymU4-Sjr88gkrCnUAgMpVbUbv8xcTQRpehjGM1dVj1Nx6r4Zv-9bgvS3CXQhaRoSRcjOcvfBr8nrrYLsSEnbkA5TO6rMRBuORwueUHEZ7R6f6TeeNdT8sapa58OYyx4pHQr1N32qmj7IjVAdaOfb2XH76V8JwRmR6FJEJba07HsaQ6nzRHIJUR8ayAH2rx9sxv9cVxPdhW8fea3FwAS-vK2k0AOSBQQIBBgBkgUECAUYBKAGLoAHi6CUNKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMKQD9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01Nzk4ODY3MjQ5ODg3MDMzGAA&sigh=l26HDbf04Iw&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936918&bpp=1&bdt=447&idt=181&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=pRwnXU70Rh&p=https%3A//hi.ru&dtd=183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/16126669366395386004/ Frame 2C8C 30 KB
30 KB 136ms
58ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16126669366395386004/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c87c2b85dc899b0b4033b24714618451a2af16796619f6587c404fbf3d67dee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 14:03:17 GMT
x-content-type-options: nosniff
age: 534740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30943
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 02:28:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Apr 2023 14:03:17 GMT

GET
DATA 200
OK truncated
/ Frame 2C8C 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dea2eb986adde9f443be4e2e46ad334f3dbadd82902c109a44b152d499bdc1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ADC2 143 B
163 B 37ms
36ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1063504499&pi=t.ma~as.3250614562&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936919&bpp=1&bdt=449&idt=207&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=THfcNNAVPW&p=https%3A//hi.ru&dtd=209
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:06:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3460 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:06:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3199 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dc3c5ed84304c515d188ba4625f2c888fd0e327301ee6e017347966708ac2ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6186 2 KB
532 B 57ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1651170937&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936915&bpp=2&bdt=445&idt=164&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hMOxh8gjH9&p=https%3A//hi.ru&dtd=168

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e88adda18aa09bcb1b6747436882f40a0074574df0ca4bc130779bb440e19d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 17:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 18:35:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6186 2 KB
904 B 89ms
82ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:32:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 6186 19 KB
8 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:50 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6186 3 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:32:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6186 120 KB
36 KB 63ms
50ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 6186 15 KB
6 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 May 2022 18:34:20 GMT

GET
H3 200 3c09399fce195357915a25abcce0a496.js Show response
www.gstatic.com/mysidia/ Frame 6186 30 KB
12 KB 111ms
37ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c09399fce195357915a25abcce0a496.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12188
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 07:48:45 GMT

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame 6186 43 B
1 KB 60ms
17ms Fetch
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=baur-gaw&extLi=11354265259&rnd=2690875029

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 28 Apr 2022 06:35:37 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 28 Apr 2022 18:35:37 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1690
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6186 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmOiXed5qYub_D-SKtOUP_ee2sArkiuG-aYCxjfO3D6DMoIm_HBABIOehgHpgleKQgqAHoAGw25HvA8gBCakC8k2SO72ksT6oAwHIA8sEqgTXAU_QuJ85dg48Dh5lx1Nf4mKT1Q5ShqBSViTHjo5MoI62ejJEXV3GG_sfv6_n12bkAfJz_r4WmrmpkDJZPndZzxxSxY1myl5hhmOAADX8GCGSUGfOiGn2p1dh2SUQUhjmw3OoF1XyPna7um405lI6EzfKo4nCFHIVXqM0y2E9S5FW8d6V9loT0UX1C-BAeVDiVXnaKdU00ErVc24hhvXfl3cXalevKJOwPdcr2DJixdAGozMv6AB5Pv95CmY0kyMoNEGk1mIpEyNzR_W0VXUPzujvqe7ioEbawASY9NP7twOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHybbaDKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDOjAfSCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTc5ODg2NzI0OTg4NzAzMxgA&sigh=RpzYxg2xfWQ&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1651170937&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936915&bpp=2&bdt=445&idt=164&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hMOxh8gjH9&p=https%3A//hi.ru&dtd=168
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Apr 2022 18:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6186 20 KB
21 KB 141ms
39ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRsbJSAqHtP42fI6uETCfwc8MpAfi8PYoiq3Ctc8Yze6FHO48l47UNbSFhBS_U&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc23349e95a986a14af59a33f02308d352deb0b5f386ec88b44d68a85b4f93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:41:42 GMT
x-content-type-options: nosniff
age: 96836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20952
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 06:14:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 27 Apr 2023 15:41:42 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6186 21 KB
22 KB 190ms
95ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTXxYS9QBLBNvCdA-jajB3owlIUgAvKb4APMa1y_Vu0tKb05gVRxZSQGaYIMg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5831f8bc56cf1fdcb91889b2eb4cc6108b18dcade08fdabd1b41561f548e739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 11:38:13 GMT
x-content-type-options: nosniff
age: 370645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21967
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 02:15:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 24 Apr 2023 11:38:13 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6186 22 KB
23 KB 137ms
37ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ3QxRvRWqBCGEJ6bB5KX9AX-CqppYWywbQFHt1osgpSiS7oR5VcfF1pTu0sVc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6748d16abf009b7dd9078c6faddf49b4d796750427ec45e26094cb4c613e9ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:06:10 GMT
x-content-type-options: nosniff
age: 26968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22547
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 01:21:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Apr 2023 11:06:10 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6186 21 KB
21 KB 172ms
78ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTfFUVVMOeylgBOf6pDbeh1VxuYyPsmLMTkcpu9ZvvigYFTCeq0o5qaI3mm2A&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72aa8be65386d860f8133bffb866da6271165a92cbe9f28aa52bc2c91d0779e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 19:00:51 GMT
x-content-type-options: nosniff
age: 516887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21815
x-xss-protection: 0
last-modified: Sat, 16 Oct 2021 02:14:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 19:00:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6186 21 KB
22 KB 136ms
42ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRB2kh9Z5IJY96w4nKKtbxYpxt-Oo0VsFN1zU8c-gTo0Ia8yVkcbxZAEQTG9Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6832e3f1e513f2992aaf23368949f2d53867c2406e83ff56798af6066264f18c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:18:46 GMT
x-content-type-options: nosniff
age: 562612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21773
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 01:54:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 06:18:46 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6186 32 KB
33 KB 151ms
42ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQCL9N-qPy4pylv1dsRh1d2EuwFLyy1bJfnyUaRvK7HEhg5GFiRruCWxpf6k4g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e5cf97c3f7ed566500067707e468800c3464b071f277baecb0a4f82e96beee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:38:27 GMT
x-content-type-options: nosniff
age: 503831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32753
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 02:27:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 22:38:27 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6186 23 KB
23 KB 194ms
85ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTvdAsoGBEH8P-hv7Vry5TD4x7CYY3yGy4Dh6LpZcug178ZZgR8QB8hLke1rg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f9e35fbcd7329e53a647c9eed9508dfaf78fce96b64defe2584009467244ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 07:58:07 GMT
x-content-type-options: nosniff
age: 124651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23393
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 03:39:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 27 Apr 2023 07:58:07 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6186 17 KB
17 KB 213ms
105ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSkOsAORcLS_vSU6pNEvgNsb1zTtM8V6TLad5dqCaBhwizWndzZk4ehuvzJCro&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9077e390601d5148d832d5739314a8c413b82bc6436e44a653d44aea9381ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 07:40:40 GMT
x-content-type-options: nosniff
age: 212098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17788
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 01:09:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 26 Apr 2023 07:40:40 GMT

GET
H3

200

11603551136329321101
tpc.googlesyndication.com/simgad/ Frame 6186
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnv4vBZRC4CBi4CDII4DoeR-ZWoHo
https://tpc.googlesyndication.com/simgad/11603551136329321101

23 KB
23 KB

40ms
40ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11603551136329321101

Requested by

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64282cc28b67099860aafc4560ef983c7c54b1ff33e60a8bc72ac87db3c01c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:07:44 GMT
x-content-type-options: nosniff
age: 174473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23704
x-xss-protection: 0
last-modified: Thu, 06 Feb 2020 07:27:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 18:07:44 GMT

Redirect headers

date: Thu, 28 Apr 2022 15:53:45 GMT
x-content-type-options: nosniff
server: cafe
age: 9712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/11603551136329321101
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 28 May 2022 15:53:45 GMT

GET
DATA 200
OK truncated
/ Frame B948 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d52a5b04c382919821168e6373c3a214d2a9849eec0ef755707dac33678e96f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae57bb3856b03e73eda975022c2fcb3bfbee9056e265de5b973c7a729418289

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9782 143 B
163 B 36ms
36ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=3576718405&pi=t.ma~as.8450970356&w=300&lmt=1651170937&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fdk71&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651170936921&bpp=1&bdt=451&idt=227&shv=r20220427&mjsv=m202204210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=2778747416728&frm=20&pv=1&ga_vid=2085884917.1651170937&ga_sid=1651170937&ga_hid=1417420770&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1140&ady=4276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067267&oid=2&pvsid=1313480376542387&pem=47&tmod=1082418970&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=gQdlKCdXXq&p=https%3A//hi.ru&dtd=230
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:06:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 82E1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 810d4ec47a8d4d69ff1849a73253d572ee70b8dd7e783c26f85f62941ded0909

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ADC2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

97ms
97ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:35:38 GMT
expires: Thu, 28 Apr 2022 18:35:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6186 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 782b3f23dce7badbf2dd48c122ac129b8e6727be589382e7e56c81c999985b45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2C8C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d340355e38f25e2b5bbb5a5c698bedbe2074c2abf60d9b354091544dbefe950b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6186 20 KB
20 KB 113ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 159770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:12:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2C8C 15 KB
15 KB 126ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 578957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2C8C 15 KB
15 KB 108ms
36ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 88759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2C8C 15 KB
15 KB 147ms
75ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 88626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 17:58:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3460
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

112ms
112ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:35:38 GMT
expires: Thu, 28 Apr 2022 18:35:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:35:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9448 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BC3 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9782
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

192ms
192ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:35:38 GMT
expires: Thu, 28 Apr 2022 18:35:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 18:35:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BA2 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame E522 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D60 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4CCA 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 136ms
57ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e77295cd18ee116c59d80cca087a7980f708d4f8d2efe65f8faff168e86ce657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Apr 2022 18:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10599
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Apr 2022 18:35:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7D6 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 17:53:29 GMT
expires: Fri, 28 Apr 2023 17:53:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81EC 783 B
535 B 135ms
51ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27e00e37e571b8ad6a32516b1451108985c16725b8a922d64077cc2bbd581bf5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hIxpX82yxyYx3JmGLR83fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hIxpX82yxyYx3JmGLR83fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 18:35:38 GMT
expires: Thu, 28 Apr 2022 18:35:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame C7D6 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 22:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 22:41:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81EC 0
0 91ms
91ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=1313480376542387&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C7D6 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7eYiyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 18:35:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B948 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-woO4fvblmVOpLUp2ghKGPuQ-eXfjB9um8QOakgJL8ZyaRtTJIkLHwqCl5RtxFh5osg4rOHMURiIBRvezmvZLrhaqh90EZIqquA-lmN7l4LcGVUyuwQ&sai=AMfl-YRyjSVzSiLPa9DP67Op7LWlkamzsO67tyZR0BEuJrdDEztSvadeVa9hEgnYK28_xporbCiCU4XgdOz2&sig=Cg0ArKJSzLe1Zonk4UivEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=139,755,1000,1118,1118&tos=139,616,245,118,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=293675611&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651170937608&rpt=313&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3199 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJpJY12a1b0wDhbsvA74N6W673vTeoXfLdA4B1o8K_tc0YkoO8VZTCHq1a1hLec6Wy6nxQ6CRMMJxsPN374QxK3KbXKK7LZBruwNcNWYbP4HY0HZFOzEWfNGXA&sai=AMfl-YTo-NQA-F8bx0uDCIQTi4VMrfS2KvbnbDpFqaZSu6yTfLw6sLLzyIZ979YGAfXzuhykijkCGOunblY2&sig=Cg0ArKJSzFxdTzUP-YYlEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2075745809&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651170937097&rpt=970&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6186 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfjOcpIYmTpEmXqABBtePpj1Zzi2cmfQbjJ_bM7mRznFp0xXKnxv08_BfjO5vObDTPXEPpY8mluCeye9d_jLwcJQ8qWNhI3gKmc3StFeaY4TT2iSMntp7GcNzk&sai=AMfl-YR-c_lUkmiV5I4GJuUJs4QSwkcC4SnimW7UvC1HYS_tm3_w1LHraHw6Da7U0roR0zHsaBR-CMUym28P&sig=Cg0ArKJSzMXBq2iACp3REAE&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4009741209&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651170937084&rpt=1190&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C8C 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW1sB6693Fn8gPTPyUiT7AKY8pOszOD2nUVqN4DBFYu1xFl6yzaFh9Mos048TWLrAXuaSZuYd4yacf7-EcudBrz_8_yp3P58ZKkqv2noLrIC649dEMjmSrBnY7&sai=AMfl-YQmNKVY4a4AJ7VSh-REXdsXcTA2PyQrUg5s9LRxndORkhLNOAzcnHpdvikNj16c73-lKr8bwcGYfQRx&sig=Cg0ArKJSzCuAwHAuENL4EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4038436&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651170937102&rpt=1190&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 18:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
86ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=1313480376542387&bg=!-_il-LzNAAZNIUvJbSE7ACkAdvg8WsLCXFuwxuZOGHJ1uOz-ZwUPZtqUHFRPH0HYlx00wAIw0yWuVgIAAABuUgAAAAhoAQeZAroNqdjAvOyN3GGPxNjL9hp7lsZAP-yKgrnUDBcmFViyUScmQAnaxL4P8a9DZMJk4m8vgJR8APlfKpEeDOuho8MKZBd1rLiZH27-c83PI3EKUflXktFF71sW59MacTmMQRHMy3zi-nBg2NDSeC3wIxD_wJ27B4iIIv-SRAFUy9tslDeoI9IAwTQ5NBzSgHYG5imrNsN22gttgT9pxxWn_QgY9Cp9GbKT3IMYiK-GxemImVACeb0q2xhRNMTm9-NehSUkla7BQKaB3LaVja8H5WUzbL4NAl4cXD0egsHDb0i3qfaeDkYJINipdktu7FrX7ssOiV6JPlQ56rDQn-ed3SsrqBX3C5NQWT17D3c0-HaB4bqKB5fqxdy7-wbGV9wlKEl4EyRnaAlNSHXimhAjiGIez5-teSuUDbQ0vPzrYPXmFCd3s51de3_VgzkG7fz6sXqtBNHpQmRrNsCeu7xahYXrvty3G420nrur7j4JDfnyU-ha6ChcJk7oHYBHKt1IrKho-FzCgmcAcvRWYXBB14h_gu5KnxKzymDyoWRUfjuguM0az7Os4YBtzCh9gyOOl825cBkJ_AeZXccQPWuI05kaB3wbk49CVaRXTnJ1pnegTloar_7_bxEYkPIdDQv9dyRgvNekd85lnINPa7ReGKeJrZU7BkySH5SiNCHr2LU6AteWVoeQw9XJeQCLCxpKVsd3Ue5KaWDjSCnvMnshyQF0qCj9k-eg1dBThxEfQGlpXaAADlS11Q3QRWzJqiXydDewb2GuDHJKhjHNhRmfc5SyARY3SPDRxYHhFxQop8smnZo8cbVvDsDWGdNA36bJBtAzHCDAimNONkiThC2b2Gp4TPlGDXLuXyJ9IKZaj0NPjpVhopX2CrLESsNPF8fOqELDkTt1DCp1aKp9_ztnfO38-tfhF9RDQlkUow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 11:23:49	Name: FTID Value: 1YQjwD0F7dOJ1YQjwD002DTl
.yadro.ru/	1970-01-20 11:23:49	Name: VID Value: 1s5bca1L068J1YQjwD002DVh
.criteo.com/	1970-01-20 12:01:06	Name: uid Value: 2830ace4-9ca4-4fb6-ad7e-bcba12ea8ccb
.tns-counter.ru/	1970-01-20 11:25:06	Name: guid Value: 63836A18626ADE78X1651170936
.scorecardresearch.com/	1970-01-20 19:56:18	Name: UID Value: 10Aa470b3ef53097bb4faaf1651170936
.hi.ru/	1970-01-20 11:25:06	Name: _ym_uid Value: 1651170937689745842
.hi.ru/	1970-01-20 11:25:06	Name: _ym_d Value: 1651170937
.server.cpmstar.com/	1970-01-27 09:58:42	Name: USER_ID Value: %1f%92s%06%2b%ec%fbV%86%02%0d%0f%7e%e7%94
.server.cpmstar.com/	1970-01-20 03:22:42	Name: n24 Value: 0,74084,457182,1231797,1651170937,0\|0,74084,457608,1234000,1651170937,0\|0,74084,467396,1268367,1651170937,0\|0,74084,474902,1292486,1651170937,0
.hi.ru/	1970-01-20 12:01:06	Name: cto_bundle Value: bV8asV9VOEdrcmIyc0RKczBrVDNqN01pJTJCWVQ3bCUyQlVMN1RXak1XeDRVS1RBMVFNbWx3Y2xVQmRUZ0N6Z0VGWnNWcldzS0NlckNUZ2tHT0trdEwxSDloJTJGeVJsYmM0V3YzQk8lMkJTYTVmZkRUaFZQOGZOZ0tQQlFaNktOJTJCZE9mWWRXOVBzMjFNanlNZEo5T3klMkZGWlZ3RERQa2V3WnclM0QlM0Q
.hi.ru/	1970-01-20 02:40:42	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 02:39:31	Name: sync_cookie_csrf Value: 1784945201fake
.hi.ru/	1970-01-20 12:01:06	Name: __gads Value: ID=bb12252225f300c6-229999d086cd0015:T=1651170937:RT=1651170937:S=ALNI_MZK7J0t12XxhcFp1JDMxQI3Ojyx4A
.mc.yandex.ru/	1970-01-20 02:39:31	Name: sync_cookie_csrf Value: 1806917128fake
.yandex.com/	1970-01-20 11:25:06	Name: yandexuid Value: 4333677581651170937
.yandex.com/	1970-01-20 11:25:06	Name: yuidss Value: 4333677581651170937
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1309994271651170937
.yandex.com/	1970-01-23 18:15:30	Name: i Value: mgOB0AZENL+FJN/z3EdZrcl195lZFodgPVfKtheN9r2EsLZE979FLR1Yr7Oi/q9/wSPVLoO+7ENPwTMsIsEhfIK7NuU=
.yandex.com/	1970-01-20 11:25:06	Name: ymex Value: 1682706937.yrts.1651170937#1682706937.yrtsi.1651170937
.hi.ru/	1970-01-20 02:39:32	Name: _ym_visorc Value: b
.doubleclick.net/	1970-01-20 12:01:06	Name: IDE Value: AHWqTUkUbAluWnKALO4tIT8uY_V6eav6SZTqb53oF4eFSq-zQgBGGOS0-Y1Lci4V0Xs
m.exactag.com/	1970-01-20 04:49:06	Name: exactag_new_gk Value: c7174e1a6f1f4ef8a14dcd933f93555e%7c27.06.2022+18%3a35%3a37
m.exactag.com/	1970-01-20 06:58:42	Name: exactag_new_uk Value: bdec144766c846fd97fca1f6da1d9a26%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: bb29ccbc4779420887086fee
.doubleclick.net/	1970-01-20 02:39:34	Name: DSID Value: NO_DATA

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://hi.ru/?dk71(Line 224) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://search.hi.ru/'. This endpoint should be made available over a secure connection.
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060265284.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060238605.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060286529.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060350277.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060349663.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060326955.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 468) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060332475.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060379119.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060479260.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060452899.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060438821.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060592232.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060571062.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060528353.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060562519.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060612853.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060649436.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060645344.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060619847.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 739) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060742105.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 926) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060135026.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 926) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060163410.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 926) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060269598.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 926) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060995511.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 926) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060943345.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71(Line 926) Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060972795.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71 Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060985737.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71 Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060932124.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71 Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117060965712.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71 Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117061023609.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71 Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117061082691.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hi.ru/?dk71 Message: Mixed Content: The page at 'https://hi.ru/?dk71' was loaded over HTTPS, but requested an insecure element 'http://photoshosting.ru/165117061051308.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9622.y3hrQ8COnVpFQaJSUPvGHxRj7iGh6hhHg2lGg8w9nH35BuhEyBOZe9HwBopon3bg-cnObLpJbR_UD2-j9FXYPg%2C%2C.8_-Ieu7ucdtqzSazSwpClFVTAUU%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
counter.yadro.ru
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hi.ru
m.exactag.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
photoshosting.ru
sb.scorecardresearch.com
server.cpmstar.com
ssl.cdne.cpmstar.com
static.criteo.net
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
13.225.80.90
152.199.21.117
178.250.2.146
198.24.171.52
2001:6d0:4001::226
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:15f8:a000:5:1:13:5:3f30
2a00:15f8:a000:5:1:13:7:1fd5
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8::1:119
85.14.248.71
88.212.201.204
0526252d7878f9bb9d524a541b0ec7c7d8ce6172f96eb710186a8ecd58779e37
06f6f0a9547cee5ee6766c2806e4583bb4cdbb750fe01695f7a1c8f3bb726f52
0a3da478265d4b43471d4c54927721e47ca7676bae8b4868fdc6ce2b1981766c
0a7640cd3cf881dce6296eaf2b44a56d4c733f2b9302f525bfc0adf6b40b1364
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0dc3c5ed84304c515d188ba4625f2c888fd0e327301ee6e017347966708ac2ef
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
105357ce9b607d12556586f27255cb8632918db26897feb64a2848139b64ebf0
16b45eeec033b3b46d01394d903670209c524a4d29afcea2729640a4391640d2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f
1b3f1307c94bfadfd1c7dcc29a453044343e0752c2af029a381d1fcd251537a6
237919195dd355f07e07a3c64030823ac6f70f546580c8bb89ea4c2e1e390162
26de7ddc151567db6158dbb2e730c21f7bdb291354b1a88a9e4123cb6ec455b0
27e00e37e571b8ad6a32516b1451108985c16725b8a922d64077cc2bbd581bf5
2ce27e2aa806866926a4425b7aa4c3782ec1b7fcc5abf46ba57aec9a79e6e01b
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
317b461d0bd86c4b065aa35ce25d53c57ac4b80649e7bc5bd7e310b653455cfc
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36578b5317ca4881cd7a449cf55e81802c475c5e0f8bd340d626ff2fd0dee934
376f2619fadaec161771f2d7a74dfe534c30b5a4c4f1ca354eb71ab3da5edf70
390cdd2401b8a6d820152f5d1c9c0070833f95a983b81b988498bb14daf99c5f
3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7
3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472
3ed14ffcf48a4f46614b93bb468c59b4a04917a0997f3db67bf5aede6cd09ef2
40d37233bcabfe2025c0f2b9bc696601d0ffa6bc2506cafaf6f15ec17f7680cf
4633b000a57178748fdc54a33a0eb08bde60ec897f63c806427efec8bef16750
482b62a55fc2f636a96ef2698106b7a1b9ea5dee55c70340e46a2acbecc9f802
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
5148c8315cf1cf66097546e3aa542f356692976551432229797d6aa1bd4a016b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562c8647832e42da63833d8174e1ec410d38dae61bd3530adb0842fd8dcee52a
5a05e6d038288b5d2f739c4456e42feec453ce2c360c3865c1b927b743cb070c
5ac7e8dcab9f9e858693da31089419acea6de3d6fd82f2e5305d5b40d1fd0c36
5ef9d4580377431e258ae8bbf2a5a6d17b6e99e6099b490ba6fd3a14a43a27b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e5cf97c3f7ed566500067707e468800c3464b071f277baecb0a4f82e96beee
64282cc28b67099860aafc4560ef983c7c54b1ff33e60a8bc72ac87db3c01c3e
6430a5609cdd61e8ec8b87c2f32a4b8010a93fca76e4737387673b788afd9a82
64fedf0f1f511c637ed27216292fed7ff26dfa03c4215cf2d6a37344d03f6001
6748d16abf009b7dd9078c6faddf49b4d796750427ec45e26094cb4c613e9ea4
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
6832e3f1e513f2992aaf23368949f2d53867c2406e83ff56798af6066264f18c
68848fef67aea0136af0499b7d604728751b9c96f56254bc6f050370009f6593
6c41b871bc27660cec45b412372cd5df1110975abced3877f6a2dcb0bc881268
6c5af7b85492dff8e8954e77268aa58c37949fa345eddbda75326308a5982288
6f819cc09a49486b4aaf3139951e60601106f0909ab6a0bacad1f7af5d504a07
6f9c80a5f214df00adb0ee7f714a44c3a472f52e7dbe66bf740eb4344b21c26f
702b8390fe80c41ae67692aa5301029776ba38b9eb47627b4beb80140a3e7c0a
704fb2fb51023c7f361e779a1448e30de7b2c347652e359aec3f71b1156abdc6
71df592ddaf04982d08012e16b8a951b4f5e0d39af55107da331c7a66d368202
72aa8be65386d860f8133bffb866da6271165a92cbe9f28aa52bc2c91d0779e7
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
771a8df08ab326e0c366a4ad70196a6cb3b5aa69ba88087ebe6575a820f5c4ca
782b3f23dce7badbf2dd48c122ac129b8e6727be589382e7e56c81c999985b45
7a322e142b8ed9d9398196dfaba0432af9696eaa9b6badb7a3dab329c0c2e006
7a43a6dd7dbbb0103a0968e7efa25d85a0c1b6951d558fa7d3a93f2b7e07aa42
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c4e53480a4d98a04e2642b4cf2743d3f6b22eecd306c2d97f55d720a28ae99d
7cf7ab809469e1943792c234faaeac7e264083f64b7137afca63060bb42ccd11
810d4ec47a8d4d69ff1849a73253d572ee70b8dd7e783c26f85f62941ded0909
8283aab3751f2c827dd3ea680a6fd9de836f5ca2c31f83b7b81948bb47354847
82854ff21edcf4766087370ed9af7dcca2cc008968c74d81d43f43fc3453ecc1
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8763c7cee404235584c03d712187e2aac4355da9b405f1fc406af91ae15e873a
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a1caca497de67c1bdb0d83a06eaf651b0c6edeecfaa517d04c77f2f8409a261
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b20904864b650652ae59f6e0ded5123eb77357565b84e3e2a5db7f17adadb42
8ce115cb1f81d260212fb53e3d67f0802b18cf9a3c0b69fbbb0400b2d5688dcc
8f47b516f11e7752eb39c35091f65e79c441aeb5863ba85c07a5ac8a4a584a68
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5831f8bc56cf1fdcb91889b2eb4cc6108b18dcade08fdabd1b41561f548e739
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0444809862b2227d687d9248c429aff81d18fd75a872fd7712e1402e2305f1c
b663358d262151aebf082f699b672c1c44e5e1ed122b6bcf03a461345d0673ae
b7b23582d69ed4bdeb85c18ca2c5338310b008e869c81b9c705d7ecbab439048
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
bc2fd01167fcee19414a5fb07b892b1175c6e5a38a0aa4f8c0715f004f22c705
bd49298c921b316356e1457a8ff2a9f19c0d069415e8a014f1d6ea6511000787
bd9077e390601d5148d832d5739314a8c413b82bc6436e44a653d44aea9381ce
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bf5329597d63288354d65b448d93b157a666ce8ed88db089099508403a321b44
c76f60784589a5b5378af6606e077932f5182371cb7115a8583deb347f6344cd
c7c31274b319c464f0d86b58d1589a8023cc623e4697b2b049b91f5f935f0abc
c7f97522c25b5d93efc2e3df6843abd556eb2af8d30fc6a0d6adc2913bedab72
c87c2b85dc899b0b4033b24714618451a2af16796619f6587c404fbf3d67dee0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce34a1dfa24de6e0b6d86dc36610fe7613e094eb7f8e839a8ce42c3a56812356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09dedeba8fb4802437aeb27cd9148200f1ca17dd0c699bf7b85a0fd0ae97669
d340355e38f25e2b5bbb5a5c698bedbe2074c2abf60d9b354091544dbefe950b
d52a5b04c382919821168e6373c3a214d2a9849eec0ef755707dac33678e96f9
d5a86d2d0add1b7b19d91569241c893ff74207e9331c30cf17c0edb58616bcbe
d5d8dc69aa87c483b4fe658a37d73a8492c874eabbac539b90f7101c4458ec4f
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
d75810d6ba7cb87c7257f9cd72cccfe69ea7dca7d39b2acd266d0b186a8fcef8
d7a1b661d19a9b11aba066c4146e15fa1e724dcaa9f4ff164e7f24cef5b63263
d8738f1a40f1f64f8561fe5924e4fb9134be21eeaa73c7f0adae5df353294ec6
dabba4011fb5c6cb64e46386a598022f8cdaaa6370c5d3e81e253585d9541b0d
db37357b99b2f88c24b2cb5ebff4397b588ee189dec457314aa0d19b6a921750
dea2eb986adde9f443be4e2e46ad334f3dbadd82902c109a44b152d499bdc1f2
e14245edb66438db8f4b062f463e708132f41762649ddb809dddb5c9f8eb9987
e29ba5bcb925f63c259060b23e20f974e7e51b71a17f170bdbd5f28146257c44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77295cd18ee116c59d80cca087a7980f708d4f8d2efe65f8faff168e86ce657
e88adda18aa09bcb1b6747436882f40a0074574df0ca4bc130779bb440e19d9d
eae57bb3856b03e73eda975022c2fcb3bfbee9056e265de5b973c7a729418289
eaf394f0cf1614e22d265d916398cc14562c0bfa73a6f90af26e068dd76e4dd2
ed3158b25b965ab134116233f4d5ddf6cb52e22cf78991e830034876dc000fbe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02139163617044138bb3e847904ac970786b7e8ed8ac49d959563ad36d7b1c2
f14cc3c3c62d09957046d22335aa78b5c20d7f39c40c40b238d70ec030cb0695
f3019613f2070bb17e1538692efffbf92a8b043c7e4aa28410c679ded13e9950
f487f1311f2396de22a5f3f382f5f67a6b1525b20cc1dc852a3b9375f1b9e6ce
f7f9e35fbcd7329e53a647c9eed9508dfaf78fce96b64defe2584009467244ca
f8c83543d8aaef23c212b89c9080d6acf87b5d28da8429f331103e9e42b52a64
fc870acad62df2770116c47e988461f99e0ec7f925ab770576d64e95310d4895
fc91eb00e7afb85db42a8ec06c717b95f238ecc8f11d3732a8dbe0b119fd4b54
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fcc23349e95a986a14af59a33f02308d352deb0b5f386ec88b44d68a85b4f93f
fd5dc39e7e8c3e52dd51f848aa140401de17ec1f545e4595b03923b1f836021a

hi.ru Open in urlscan Pro 2a00:15f8:a000:5:1:13:5:3f30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

95 %HTTPS

77 %IPv6

19 Domains

29 Subdomains

27 IPs

4 Countries

2473 kBTransfer

5040 kBSize

25 Cookies

71 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hi.ru Open in urlscan Pro
2a00:15f8:a000:5:1:13:5:3f30 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

95 %
HTTPS

77 %
IPv6

19
Domains

29
Subdomains

27
IPs

4
Countries

2473 kB
Transfer

5040 kB
Size

25
Cookies

175 HTTP transactions
7 data transactions