xn----htbduqdciw.xn--p1ai Open in urlscan Pro Puny
про-деток.рф IDN
2001:41d0:602:1f56:: Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xn----htbduqdciw.xn--p1ai/
Submission: On February 07 via api (February 7th 2024, 5:01:02 pm UTC) from US — Scanned from US

Summary HTTP 112 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 112 HTTP transactions. The main IP is 2001:41d0:602:1f56::, located in France and belongs to OVH, FR. The main domain is xn----htbduqdciw.xn--p1ai.
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.

This is the only time xn----htbduqdciw.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2001:41d0:602... 2001:41d0:602:1f56::	16276 (OVH) (OVH)
7	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
13	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
8	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
3 13	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
6	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::67	15169 (GOOGLE) (GOOGLE)
112	13

28 2001:41d0:602:1f56:: (France)

ASN16276 (OVH, FR)

xn----htbduqdciw.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4004:c1d::9a (Washington, United States) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::67 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	620 KB
28	function sub() { [native code] }.	2 MB
14	gstatic.com fonts.gstatic.com www.gstatic.com	251 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	198 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	72 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11938	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
112	12

	Domain	Requested by
28	xn----htbduqdciw.xn--p1ai	xn----htbduqdciw.xn--p1ai
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	xn----htbduqdciw.xn--p1ai pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	xn----htbduqdciw.xn--p1ai googleads.g.doubleclick.net
6	www.googleadservices.com	xn----htbduqdciw.xn--p1ai
6	www.gstatic.com	googleads.g.doubleclick.net
6	mc.yandex.com	3 redirects xn----htbduqdciw.xn--p1ai mc.yandex.ru
4	www.googletagservices.com	googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects xn----htbduqdciw.xn--p1ai
2	counter.yadro.ru	1 redirects xn----htbduqdciw.xn--p1ai
2	cdn.jsdelivr.net	xn----htbduqdciw.xn--p1ai
1	www.google.com	tpc.googlesyndication.com
112	14

This site contains links to these domains. Also see Links.

Domain
vk.com
www.liveinternet.ru
www.themexpert.com

Subject Issuer	Validity	Valid
www.xn----htbduqdciw.xn--p1ai R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://xn----htbduqdciw.xn--p1ai/
Frame ID: 1FD9678F62FC7B9B26A49EA2C0BE52CB
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html
Frame ID: A1B1EAEF8A178B5CE30D207EB5D66713
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=220&slotname=6211502908&adk=3843801043&adf=2956701964&pi=t.ma~as.6211502908&w=1140&lmt=1707325252&format=1140x220&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252075&bpp=21&bdt=1580&idt=420&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&correlator=8645623342190&frm=20&pv=2&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=444
Frame ID: BDAD07CE1625DC424062258D8C5C7AA5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=460&slotname=7544480462&adk=4197587045&adf=1616622536&pi=t.ma~as.7544480462&w=360&lmt=1707325252&format=360x460&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252096&bpp=1&bdt=1601&idt=437&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=445
Frame ID: 130A7681C6218D2A8B841D48A1453A22
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=460&slotname=1805354038&adk=2832537058&adf=3355328797&pi=t.ma~as.1805354038&w=360&lmt=1707325252&format=360x460&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252097&bpp=1&bdt=1602&idt=456&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220%2C360x460&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=469
Frame ID: 369669064F8A93B0F95E95F5B9352C80
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&adk=1812271804&adf=3025194257&lmt=1707325252&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l&format=0x0&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252133&bpp=5&bdt=1639&idt=444&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220%2C360x460%2C360x460&nras=1&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=457
Frame ID: 7624A5CA19D213959F1D21B992579DAE
Requests: 2 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 4C0040D3940FC265CA03D31F03425F56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js
Frame ID: 229B43B2CC9681E5ACFD4086C47D069D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js
Frame ID: FAD8B7948E0B475BC49C06E4AE6C05C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: A95D0AE00AD3FDA5E3343E6BF4C104C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 2623954E82771F7910E17131678D02E8
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: A70C3B2176ABE4881D078E874E292CF1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js
Frame ID: B6B6E7FC94A4CD5EF6CAC2250BC30E97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E89ADC651EAD0C6CC9975924B20AFD32
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF0E0EEBD0FDED822DB93CA00CC8D4E8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Главная - Родителям Про-Деток.рф

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

112
Requests

95 %
HTTPS

83 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

3201 kB
Transfer

5352 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://vk.com/prodetok_rf
Title: В контакте с ПД

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://www.themexpert.com/joomla-templates/joomhost
Title: Joomla Template

Search URL Search Domain Scan URL

URL: https://www.themexpert.com/
Title: ThemeXpert

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://counter.yadro.ru/hit?t41.7;r;s1600*1200*24;uhttps%3A//xn----htbduqdciw.xn--p1ai/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20%u0420%u043E%u0434%u0438%u0442%u0435%u043B%u044F%u043C%20%u041F%u0440%u043E-%u0414%u0435%u0442%u043E%u043A.%u0440%u0444;0.654032859617399 HTTP 302
https://counter.yadro.ru/hit?q;t41.7;r;s1600*1200*24;uhttps%3A//xn----htbduqdciw.xn--p1ai/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20%u0420%u043E%u0434%u0438%u0442%u0435%u043B%u044F%u043C%20%u041F%u0440%u043E-%u0414%u0435%u0442%u043E%u043A.%u0440%u0444;0.654032859617399

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10272.z0pcdr1qt4Dt1HWVwXUmOKcPM4VRK7up7sadmSJY5FO5BpNSBE_kI0vXCt3cBh2J.0qi14woH5mmN1pAul8hPMRx-tuI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10272.Lce1ql5WQoV3XwXnc0YAWA_hCE5MKs4pw2DKgieGmECDsEHqKF2muhp17p9A4Dom54hw6H-GnEe_EK6BFXY60I_8HuyAi3wwa6mNIGgSqe_n2vFnwz5Nz5IIhAHQgqz9QDIg3QRx5FJhhfJ2IRFaHB6EJlFwd99f1h9wY6VYrSlJD4K-TICThgO50hjcPLOKsoUhwQXDBfSb0L0zYiVBz5jXi0cVzIPqsAfT5FLJGPw%2C.iXnzE8wpCbYy6aw3ZTbWNt2gg74%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10272.1BtZc2b9CStoY0X2blBsZKzBKF26_d4Y6XaqesS5B_2CSMsDAc0FA0OvrWQPqOMo80Vni0QecQ5GsPxfQCMuvMB2znO4pX4nUJ1rLFjwrXM63cQ8p1JdmHPkiYPYoZiCnx5A0oKGjc2nOTHd5zKGsIllJYDEAL48JIM1v2-rPZajcH1uYKfleTJXO3j8K_ICzNxm_i8EniBKcfUSNqRpNg%2C%2C.MnIvy5MmZFyHGW8fZv0K35dpz8I%2C

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=CFqnBRLfDZceSJI22oPMP_KenyALA3YzRddmq8tSoEmQQASCxpZ8WYMmGgIDco8QQoAG7pceWKMgBCagDAcgDywSqBP0BT9BEEz1BaNrh8DvylS0mqT_iVxmHh50lxVx1FT7x6aKsaD_YUtv3N1bvK13N6OBoy3iPSFL1lG_eEsgNbDRAvP4QlO2roKK79WuYerUMg305ejNHsnQvvAYIs0kzzOEvd2fH_eOy3A1bqCHimV7GIMiylYv8-BwkyWHKL5tMNxoHd8CA57LSi5xw_LOWvZCZEF45LuXKMvV5NdtImhXusUg38HyIhnPLZXw78GTS7WFOyR4VF7Xfdg0vZr9dXGBA-cjVJNtTnOwLW74U1BzJ8lncwpK4dFGFTPKZVsNgUhyr45ej-oW55Hlc34V4W5zmGuD1mOGNvUCTt5dO9sAE9tPm-cYEiAXG-6aFTpIFBAgEGAGSBQQIBRgEoAYugAe73Zf2AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEPuXmAbSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpY4IHJmdqZhAOaCdoBaHR0cHM6Ly93d3cuc21hcnRhbnN3ZXJzLm5ldC90b3BpYy8xOS81WFFRMzg4Lz91dG1fY2FtcGFpZ249NVhRUTM4OCZla3c9Q3Z0MEJPdXVCMzB2ODdpa3pEMkdlRzBsVUs2cFMwUklqRnZMUldvSlMrQ3NJU2loQ0lQUDZJU3BpK3FNejZWcCZnX2NuPTIwMjQwMTExX0VtcGxveWVyJTIwb2YlMjBSZWNvcmQlMjBTZXJ2aWNlc19QNl9UZWNobm9sb2d5X0xlYWQyNF9TUkFfM0NfWmEyX0SACgHICwHaDBAKChCg39Df1YH7iGMSAgED2BMN0BUBgBcBshccChoIABIUcHViLTM5Mjc2MTMzNDI5ODQxMTAYAA&sigh=IQER2Zve-0c&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_p07dm9B6WVQ6z6AvGSsZ6K2zWIcAsbeP3kyTiatHQ5ox-GAHYQ5Vepx42BaTTacVhQgJR7-xAD4gFhUzZc6JDBRW7mhSP_uXfxgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9791159c3289cff00000000000000000%22,%222%22:%220x60774a04a6d938300000000000000000%22,%223%22:%220x70bfcdf437f235f70000000000000000%22,%224%22:%220x1918b4c912a1682b0000000000000000%22,%225%22:%220xab5eb76ccfd024b40000000000000000%22},%22debug_key%22:%2216995435303548072216%22,%22debug_reporting%22:true,%22destination%22:%22https://smartanswers.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210784723643%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223730890290662106609%22}&andc=true

Request Chain 78

https://mc.yandex.com/watch/14931604?wmode=7&page-url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A242269718125%3Ahid%3A395876810%3Az%3A-600%3Ai%3A20240207070052%3Aet%3A1707325253%3Ac%3A1%3Arn%3A644789874%3Arqn%3A1%3Au%3A1707325253406570631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C370%2C765%2C1%2C0%2C0%2C%2C1366%2C18%2C%2C%2C%2C2825%3Aco%3A0%3Acpf%3A1%3Ans%3A1707325249034%3Afp%3A2843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707325254%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%A0%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%9F%D1%80%D0%BE-%D0%94%D0%B5%D1%82%D0%BE%D0%BA.%D1%80%D1%84&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
https://mc.yandex.com/watch/14931604/1?wmode=7&page-url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A242269718125%3Ahid%3A395876810%3Az%3A-600%3Ai%3A20240207070052%3Aet%3A1707325253%3Ac%3A1%3Arn%3A644789874%3Arqn%3A1%3Au%3A1707325253406570631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C370%2C765%2C1%2C0%2C0%2C%2C1366%2C18%2C%2C%2C%2C2825%3Aco%3A0%3Acpf%3A1%3Ans%3A1707325249034%3Afp%3A2843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707325254%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%A0%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%9F%D1%80%D0%BE-%D0%94%D0%B5%D1%82%D0%BE%D0%BA.%D1%80%D1%84&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 86

https://googleads.g.doubleclick.net/pagead/adview?ai=C88BZRLfDZYSWI-mC3rsP0rKF8A3DhYqjc7iVivCEEsiLhZ4LEAEgsaWfFmDJhoCA3KPEEKABz5DzvCjIAQmoAwHIA8sEqgT-AU_Q1FipDpzE19iGlCI8o54PfIAmrhmX0YqBL-6DoNOB2l9jHIvF8IxwI6Rkf8ulCK3ilLh3F0nmtzE5B0nk0NwwJOGeoQr17E3orzs9PATMtbNrfBaUbslE9F892_MyG110b9HvMI_1njSMD4GBN--AHEwCrtDFypn1SdPumaUP6A2nE4YxGCg52W9JVr4buEDeTDeAzEroo2x05emezn3VH7usPzzsrSHBlqKnv5xugA0H8jW0OCNWML1WlWjYEuyal8blTYMhOwPF0JnWMVQNQfJPWHOn5NLR_73IV6rpdJRRTCeElxfNnE7k4w5hoGF9wsx5-58tv279A2eEwASNqOKgrgSIBc3517NLkgUECAQYAZIFBAgFGASgBi6AB8_Iw5wDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ6NiCB9IIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliA9seZ2pmEA5oJOWh0dHBzOi8vcHJlc2NyaWJlcnBvaW50LmNvbS90aGVyYXBpZXMvZW1nYWxpdHktMzNhMTQ3YmFiY4AKAcgLAdoMEQoLEPCHh_niuuz55gESAgEDuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0zOTI3NjEzMzQyOTg0MTEwGAA&sigh=V1zjimkEEXg&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_frwecyqZj1omfk79ojdMpOz7W3ykR0DqkhSc4jrCI_-6T8-QkohxGB8gCCyXBCZMKvtytHUjHT-fiKBRVqjiOzQ0WY1ametB7RgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0157d634366601a0000000000000000%22,%222%22:%220x3dd9783f81477c290000000000000000%22,%223%22:%220x5cf338cd8dbf11850000000000000000%22,%224%22:%220x97601dc4dd4cff650000000000000000%22,%225%22:%220x295548e4b048b7250000000000000000%22},%22debug_key%22:%222631575546813263112%22,%22debug_reporting%22:true,%22destination%22:%22https://prescriberpoint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210865133647%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228909644069572616625%22}&andc=true

Request Chain 87

https://googleads.g.doubleclick.net/pagead/adview?ai=C5O5TRLfDZbmMJvSUoPMP74m8yAT1rczcdYe92tmaEsv848qwCRABILGlnxZgyYaAgNyjxBCgAen99c8DyAEJqAMByAPLBKoE-gFP0F_-jrru1o_jpVleWzQakrTr_DM3jxzYp--G1B0nFyyAXJ7c48Uf_bFbHeQAD3yMFshNASBkHEdis1hWxBiGqFJi_OD4RJBtc0jp77q_H6oUGGlV8BVMRkk1zIp6U8GplbphNEv5qgzTpD2IejPsqZ-WbU92LzXrzOKhaXgWhNNPK_U_zFyPuLAxoItMYaym2zmGGVBZRZZXWwU7YeKd1_NqC093YYBdGwaJ49jAMpst7PM9KhV9vpKd5M5SSvzKy7401vZoxtOv2XojVvSmVWzCOUL1rbcI00_ly-Gjshq3rFIZ-BlfC2tWoZvLKZgxTvGgYhni8L4VwATayeDo1ASIBdrj6plOkgUECAQYAZIFBAgFGASgBi6AB8X57LkFqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ5KihAdIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOliphcuZ2pmEA5oJOWh0dHBzOi8vc2VhcmNoY29tbW9ucy5jb20vaW5kZXgucGhwP3JnaWQ9OTQzOTYyJnN1Yj1nY2xpZIAKAcgLAdoMEAoKEPDzlJfsmIuFcxICAQPYEw3QFQGAFwGyFxwKGggAEhRwdWItMzkyNzYxMzM0Mjk4NDExMBgA&sigh=qUQ8HBLODkE&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_DC-72r4SyXNz9all4w_pg1aBk6ikbfC3xxdkVq4NV8mN2UlVBNoqNdb4xV1er4Ks2sb9ZKp1zReq7VReym-NoeVLvvP6tBui1QIYAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc766af1e02ce28580000000000000000%22,%222%22:%220xfb0dec3af78b9e750000000000000000%22,%223%22:%220xc0cc5f219952dc0000000000000000%22,%224%22:%220x21a163eff0756d2c0000000000000000%22,%225%22:%220xd59f73686f13783f0000000000000000%22},%22debug_key%22:%226184345084319992607%22,%22debug_reporting%22:true,%22destination%22:%22https://searchcommons.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221965126393805205473%22}&andc=true

112 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
xn----htbduqdciw.xn--p1ai/ 118 KB
18 KB 1457ms
766ms Document
text/html 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 / PHP/7.4.15

Resource Hash

3983dcb579bf362b96c2e378b208d16abfbfe536613b65b81873c2787ebe2857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Feb 2024 17:00:50 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Pragma: no-cache
Server: nginx/1.18.0
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.15

GET
H/1.1 200
OK quixtrap.css
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/css/ 40 KB
40 KB 175ms
170ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/css/quixtrap.css?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

1fba9fe245ea83241425e2ce6205dbf2277fc0b74290bf502bc3de430b3c6da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-9ec4"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40644

GET
H/1.1 200
OK quix-classic.css
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/css/ 43 KB
43 KB 624ms
312ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/css/quix-classic.css?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e47b430094930ac62c0ea935cc3aa70d3b3c315e871760afca51ad930cb6b3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-acd4"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44244

GET
H/1.1 200
OK magnific-popup.css
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/css/ 5 KB
5 KB 480ms
160ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/css/magnific-popup.css?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7092b870a61c2019b0ce2547febd17b21d397ec3e699d938d56df9304f07c1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-1454"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5204

GET
H/1.1 200
OK css-e5b13-35340.css
xn----htbduqdciw.xn--p1ai/tx-assets/css/ 207 KB
208 KB 643ms
321ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-e5b13-35340.css

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

c6e0cc10b627fb2c7c2820a43fdba7371df5d07198993166f8afdc5675f97def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 05 May 2020 18:58:32 GMT
Server: nginx/1.18.0
ETag: "5eb1b758-33da3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 212387

GET
H/1.1 200
OK css-3e361-35340.css
xn----htbduqdciw.xn--p1ai/tx-assets/css/ 79 KB
79 KB 650ms
325ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-3e361-35340.css

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

cefaae4bb96907ee5618394978255228f936212149a484dd0d2f531aacf04e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 05 May 2020 18:58:32 GMT
Server: nginx/1.18.0
ETag: "5eb1b758-13a6e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80494

GET
H2 200 css
fonts.googleapis.com/ 1 KB
828 B 754ms
61ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=ABeeZee:regular,italic&subset=latin

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dba37a4ca06d29ea44c0150937fd31f65b8da846f90e67a54d4b189648d61bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 16:56:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:51 GMT

GET
H/1.1 200
OK css-c44b1-56556.css
xn----htbduqdciw.xn--p1ai/tx-assets/css/ 143 KB
143 KB 669ms
335ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-c44b1-56556.css

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

658f3f511392aa3e2094781219447ec64f97a8fa4129341914038f35a1c87c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 02 Mar 2021 20:42:53 GMT
Server: nginx/1.18.0
ETag: "603ea34d-23cab"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146603

GET
H2 200 css
fonts.googleapis.com/ 4 KB
764 B 755ms
63ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rajdhani:700|Nunito:300,400

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b1ed18aa84df5a07c628e36842c66f27b56336d011ad5232dda818f7443ded4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 17:00:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:51 GMT

GET
H/1.1 200
OK js-dabed-56556.js Show response
xn----htbduqdciw.xn--p1ai/tx-assets/js/ 151 KB
151 KB 511ms
169ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/tx-assets/js/js-dabed-56556.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

8c9b87fa2476f8a20115db7efed8af063f57c0ad1b479774cda97962dead9be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:50 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 13 Apr 2020 11:25:11 GMT
Server: nginx/1.18.0
ETag: "5e944c17-25a97"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154263

GET
H/1.1 200
OK jquery.easing.js Show response
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/ 2 KB
3 KB 640ms
161ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/jquery.easing.js?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

b213c9766f8f076ca4469d5205332c18bcdbb70a5e986f3e76eef9cf4eb6990f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-8e6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2278

GET
H/1.1 200
OK wow.js Show response
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/ 8 KB
8 KB 801ms
161ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/wow.js?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

de14e7dea9dab36966559a1cbec8fd41d0fbb21d519b1e8415bb959893511fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-2083"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8323

GET
H/1.1 200
OK jquery.magnific-popup.js Show response
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/ 20 KB
20 KB 945ms
163ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/jquery.magnific-popup.js?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e7c8f63e0d2d003d33535837a840f58490308af3c7af990ff0e47482087a4902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-4e68"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20072

GET
H/1.1 200
OK quix.js Show response
xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/ 3 KB
3 KB 973ms
169ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/libraries/quix/assets/js/quix.js?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3c5fd05dd7b50a6a9131c8eae4bae12c1478a7195284852d1f3974a0da4cdd10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-bdb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3035

GET
H/1.1 200
OK jquery.matchHeight.js Show response
xn----htbduqdciw.xn--p1ai/templates/tx_meteor/quix/elements/meteor-joomla-articles/ 3 KB
3 KB 984ms
163ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/templates/tx_meteor/quix/elements/meteor-joomla-articles/jquery.matchHeight.js?ver=2.2.3

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2e202915a15ad98684b31faf19763a586121f9eeee9538424281e7a918c56cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "5c3bfd4c-ccd"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3277

GET
H/1.1 200
OK js-1f1c0-15285.js Show response
xn----htbduqdciw.xn--p1ai/tx-assets/js/ 104 KB
105 KB 1034ms
177ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/tx-assets/js/js-1f1c0-15285.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

8ec2de5deeb456247ba36e6d820c06f8965d9c5ae0fce8dd7d10922768620ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 04 May 2020 18:09:29 GMT
Server: nginx/1.18.0
ETag: "5eb05a59-1a10f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106767

GET
H2 200 jquery.lazy.min.js Show response
cdn.jsdelivr.net/jquery.lazy/1.7.4/ 5 KB
3 KB 87ms
27ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.lazy/1.7.4/jquery.lazy.min.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

657789d4c08945ff9f19b40ae8f7b9077fb296c8201725aa82ae9ba861d1e1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 17:00:50 GMT
age: 2563043
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2393
x-served-by: cache-fra-etou8220059-FRA, cache-mia-kmia1760034-MIA
etag: W/"136b-q9ULprDxE0vbx9hnyDZb09oMAqY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.lazy.plugins.min.js Show response
cdn.jsdelivr.net/jquery.lazy/1.7.4/ 4 KB
1 KB 87ms
28ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.lazy/1.7.4/jquery.lazy.plugins.min.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d2367cdb1ee8234af9e8422c8ada9ac1c5c11d1793a36005dc42961bc898235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 17:00:50 GMT
age: 2548223
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1347
x-served-by: cache-fra-etou8220023-FRA, cache-mia-kmia1760034-MIA
etag: W/"f1c-LgDbUk2YmawB/+GDDYxHjPA9buc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK js-01cdd-35340.js Show response
xn----htbduqdciw.xn--p1ai/tx-assets/js/ 3 KB
3 KB 1118ms
172ms Script
application/javascript 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/tx-assets/js/js-01cdd-35340.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ef5bbed46067690dfeabba9e80119df6ec3562fc55f5555b703595894307ed1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 13 Apr 2020 11:25:11 GMT
Server: nginx/1.18.0
ETag: "5e944c17-b4c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2892

GET
H/1.1 200
OK logo.png
xn----htbduqdciw.xn--p1ai/images/ 67 KB
67 KB 162ms
161ms Image
image/png 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/logo.png

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5d2aa1f7433ffbba7432a3eee9ff10f5a1d5045f65c16efe35babb283e3c7079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Sun, 10 May 2020 09:54:33 GMT
Server: nginx/1.18.0
ETag: "5eb7cf59-10bab"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68523

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 255ms
132ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

732c15c24701b16f2a6c037c721c6021eadd61efdb12f9ecff001de5bde74d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51461
x-xss-protection: 0
server: cafe
etag: 12112128185746913129
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 07 Feb 2024 17:00:51 GMT

GET
H/1.1 200
OK system.css
xn----htbduqdciw.xn--p1ai/media/system/css/ 1 KB
2 KB 168ms
168ms Stylesheet
text/css 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/media/system/css/system.css

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-c44b1-56556.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

a78e30adc0f491eb7917ed7a04c472151c7064c3fa7230009cf2abc19468b9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-c44b1-56556.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 09 Mar 2020 12:22:36 GMT
Server: nginx/1.18.0
ETag: "5e66350c-5a6"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1446

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 744ms
374ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9f8a6ade8f25185182301e10575c35eb52b92674d8e67012e5ad15331de8bb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Feb 2024 13:09:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65c22fa3-1188d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71821
expires: Wed, 07 Feb 2024 18:00:52 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t41.7;r;s1600*1200*24;uhttps%3A//xn----htbduqdciw.xn--p1ai/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20%u0420%u043E%u0434%u0438%u0442%u0435%u043B%u044F%u043C%20%...
https://counter.yadro.ru/hit?q;t41.7;r;s1600*1200*24;uhttps%3A//xn----htbduqdciw.xn--p1ai/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20%u0420%u043E%u0434%u0438%u0442%u0435%u043B%u044F%u043C%2...

104 B
590 B

167ms
167ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t41.7;r;s1600*1200*24;uhttps%3A//xn----htbduqdciw.xn--p1ai/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20%u0420%u043E%u0434%u0438%u0442%u0435%u043B%u044F%u043C%20%u041F%u0440%u043E-%u0414%u0435%u0442%u043E%u043A.%u0440%u0444;0.654032859617399

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

ab9da59c4e6b379ab136b4f4e7b8273c02c09ccce1db3dbb61b163b221df7394

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 17:00:52 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 104
Expires: Mon, 06 Feb 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 17:00:52 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t41.7;r;s1600*1200*24;uhttps%3A//xn----htbduqdciw.xn--p1ai/;h%u0413%u043B%u0430%u0432%u043D%u0430%u044F%20-%20%u0420%u043E%u0434%u0438%u0442%u0435%u043B%u044F%u043C%20%u041F%u0440%u043E-%u0414%u0435%u0442%u043E%u043A.%u0440%u0444;0.654032859617399
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 06 Feb 2023 21:00:00 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
38 KB 199ms
70ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:700|Nunito:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn----htbduqdciw.xn--p1ai
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 05:39:33 GMT
x-content-type-options: nosniff
age: 559278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 05:39:33 GMT

GET
H2 200 LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/ 15 KB
16 KB 184ms
56ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pa8FvOreec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:700|Nunito:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn----htbduqdciw.xn--p1ai
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:31:29 GMT
x-content-type-options: nosniff
age: 545362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:41:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:31:29 GMT

GET
H2 200 esDR31xSG-6AGleN2tWkkA.woff2
fonts.gstatic.com/s/abeezee/v22/ 17 KB
17 KB 256ms
140ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tWkkA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=ABeeZee:regular,italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b78ce1cbff9e258afa3a91f5b9a0fe64ce792691eda7f66b9eaad19e468e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn----htbduqdciw.xn--p1ai
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:07 GMT
x-content-type-options: nosniff
age: 462104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17072
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:27:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 08:39:07 GMT

GET
H2 200 XRXV3I6Li01BKofIMeaBXso.woff2
fonts.gstatic.com/s/nunito/v26/ 20 KB
20 KB 272ms
159ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIMeaBXso.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:700|Nunito:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76baf7ddc2473c482726d7265054924ed50794d89cf2a16496f5b950286b8958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn----htbduqdciw.xn--p1ai
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 00:25:43 GMT
x-content-type-options: nosniff
age: 578108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20708
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:23:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 00:25:43 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
xn----htbduqdciw.xn--p1ai/templates/tx_meteor/fonts/font-awesome/fonts/ 75 KB
76 KB 182ms
182ms Font
application/octet-stream 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://xn----htbduqdciw.xn--p1ai/templates/tx_meteor/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-c44b1-56556.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/tx-assets/css/css-c44b1-56556.css
Origin: https://xn----htbduqdciw.xn--p1ai
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 14 Jan 2019 03:09:00 GMT
Server: nginx/1.18.0
ETag: "12d68-57f625dc0eb00"
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Thu, 06 Feb 2025 17:00:51 GMT

GET
H/1.1 200
OK 1_1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/deti/ 55 KB
55 KB 174ms
163ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/deti/1_1.jpg

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

b526d77816ab4d998b5fbca1088b8cbf191a5f4aab39eefbe535c971ad17e501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 19:02:14 GMT
Server: nginx/1.18.0
ETag: "5e9608b6-dbe7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56295

GET
H/1.1 200
OK 5-1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/ 53 KB
53 KB 181ms
170ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/5-1.jpg

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

fac5923d94f4115f4698dfbf01e8b664c52d8d2437b763a3456cda9ff28bd8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 18:59:46 GMT
Server: nginx/1.18.0
ETag: "5e960822-d334"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54068

GET
H/1.1 200
OK 2-1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/deti/ 103 KB
103 KB 171ms
160ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/deti/2-1.jpg

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3734291eaba81f5724e393a818816072648a63bc0019f83c4999b93e269a5c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 19:02:14 GMT
Server: nginx/1.18.0
ETag: "5e9608b6-19b17"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105239

GET
H/1.1 200
OK 3-1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/food/ 71 KB
71 KB 177ms
166ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/food/3-1.jpg

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3fad30cdd4bf202fbba32773c66f663fca89a535a76ea381871cfce9c337e1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:51 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 19:08:21 GMT
Server: nginx/1.18.0
ETag: "5e960a25-11ad0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72400

GET
H/1.1 200
OK 55.jpg
xn----htbduqdciw.xn--p1ai/images/stories/food/ 62 KB
62 KB 168ms
167ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/food/55.jpg

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

213ba3b129e6ba7b11d8da377049bfc220b77b84d9a4f5d2fe35e0f3af334ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:52 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Fri, 08 May 2020 19:49:58 GMT
Server: nginx/1.18.0
ETag: "5eb5b7e6-f7fa"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63482

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 406 KB
138 KB 141ms
140ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

871af13393572ae3073add078f33adfef3a67d6ba16ed3ff1cc0e9877c5f088a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140919
x-xss-protection: 0
server: cafe
etag: 12749835090343508719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 17:00:52 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/ Frame A1B1 9 KB
5 KB 249ms
53ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 85002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 17:24:10 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 17:24:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BDAD 123 KB
42 KB 823ms
822ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=220&slotname=6211502908&adk=3843801043&adf=2956701964&pi=t.ma~as.6211502908&w=1140&lmt=1707325252&format=1140x220&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252075&bpp=21&bdt=1580&idt=420&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&correlator=8645623342190&frm=20&pv=2&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=444

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1a0590683b09ec5bf498b6a050cea23f7ba298bdaf36aaea35aa7002c30b787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43037
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:00:53 GMT
expires: Wed, 07 Feb 2024 17:00:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 130A 140 KB
45 KB 445ms
444ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=460&slotname=7544480462&adk=4197587045&adf=1616622536&pi=t.ma~as.7544480462&w=360&lmt=1707325252&format=360x460&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252096&bpp=1&bdt=1601&idt=437&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=445

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ffb60c8c0450467675393cf6a7a1c0f3a02a24f3d20a87edfc74ae4c0202673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45581
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:00:52 GMT
expires: Wed, 07 Feb 2024 17:00:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3696 137 KB
44 KB 717ms
716ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=460&slotname=1805354038&adk=2832537058&adf=3355328797&pi=t.ma~as.1805354038&w=360&lmt=1707325252&format=360x460&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252097&bpp=1&bdt=1602&idt=456&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220%2C360x460&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=469

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bf370ea2e963cdb7d4aa7b97268f370bae3039fc6ed11159426424587d7648b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:00:53 GMT
expires: Wed, 07 Feb 2024 17:00:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7624 232 KB
58 KB 930ms
929ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&adk=1812271804&adf=3025194257&lmt=1707325252&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l&format=0x0&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252133&bpp=5&bdt=1639&idt=444&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220%2C360x460%2C360x460&nras=1&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=457

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a096963085e2e719f97443881d1401d17040ac0d06b1116aba613c9763e10f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 58986
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:00:53 GMT
expires: Wed, 07 Feb 2024 17:00:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10272.z0pcdr1qt4Dt1HWVwXUmOKcPM4VRK7up7sadmSJY5FO5BpNSBE_kI0vXCt3cBh2J.0qi14woH5mmN1pAul8hPMRx-tuI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10272.Lce1ql5WQoV3XwXnc0YAWA_hCE5MKs4pw2DKgieGmECDsEHqKF2muhp17p9A4Dom54hw6H-GnEe_EK6BFXY60I_8HuyAi3wwa6mNIGgSqe_n2vFnwz5Nz5IIhAHQgqz9QDIg3QRx5F...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10272.1BtZc2b9CStoY0X2blBsZKzBKF26_d4Y6XaqesS5B_2CSMsDAc0FA0OvrWQPqOMo80Vni0QecQ5GsPxfQCMuvMB2znO4pX4nUJ1rLFjwrXM63...

43 B
582 B

180ms
179ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10272.1BtZc2b9CStoY0X2blBsZKzBKF26_d4Y6XaqesS5B_2CSMsDAc0FA0OvrWQPqOMo80Vni0QecQ5GsPxfQCMuvMB2znO4pX4nUJ1rLFjwrXM63cQ8p1JdmHPkiYPYoZiCnx5A0oKGjc2nOTHd5zKGsIllJYDEAL48JIM1v2-rPZajcH1uYKfleTJXO3j8K_ICzNxm_i8EniBKcfUSNqRpNg%2C%2C.MnIvy5MmZFyHGW8fZv0K35dpz8I%2C

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10272.1BtZc2b9CStoY0X2blBsZKzBKF26_d4Y6XaqesS5B_2CSMsDAc0FA0OvrWQPqOMo80Vni0QecQ5GsPxfQCMuvMB2znO4pX4nUJ1rLFjwrXM63cQ8p1JdmHPkiYPYoZiCnx5A0oKGjc2nOTHd5zKGsIllJYDEAL48JIM1v2-rPZajcH1uYKfleTJXO3j8K_ICzNxm_i8EniBKcfUSNqRpNg%2C%2C.MnIvy5MmZFyHGW8fZv0K35dpz8I%2C
date: Wed, 07 Feb 2024 17:00:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
473 B 209ms
193ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Feb 2024 13:09:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65c22fa3-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 07 Feb 2024 18:00:52 GMT

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 4C00 2 KB
1 KB 226ms
226ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 862
content-type: text/html
date: Wed, 07 Feb 2024 17:00:53 GMT
etag: "65c22fa3-35e"
expires: Wed, 07 Feb 2024 18:00:53 GMT
last-modified: Tue, 06 Feb 2024 13:09:55 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ Frame 130A 14 KB
1 KB 68ms
67ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=460&slotname=7544480462&adk=4197587045&adf=1616622536&pi=t.ma~as.7544480462&w=360&lmt=1707325252&format=360x460&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252096&bpp=1&bdt=1601&idt=437&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=1088&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 16:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 130A 2 KB
1 KB 173ms
58ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:54:02 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8109006983815818925/ Frame 130A 112 KB
112 KB 217ms
106ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8109006983815818925/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca87f1fa21a44d838075fc6555f61217740df026b1a877c50c45e453b3a4f7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Wed, 07 Feb 2024 17:00:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114660
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 05:09:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Feb 2025 17:00:53 GMT

GET
DATA 200
OK truncated
/ Frame 130A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 130A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 130A 23 KB
9 KB 155ms
69ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 130A 3 KB
1 KB 147ms
62ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 130A 20 KB
8 KB 145ms
60ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 130A 205 KB
65 KB 80ms
62ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 130A 37 KB
16 KB 160ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 18:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 May 2024 18:11:44 GMT

GET
DATA 200
OK truncated
/ Frame 130A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6cf37fa8d338a76b8bd17e0f89efee78e46e914a6886cd1ce1b66af4fab321

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 3696 14 KB
1 KB 64ms
62ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=460&slotname=1805354038&adk=2832537058&adf=3355328797&pi=t.ma~as.1805354038&w=360&lmt=1707325252&format=360x460&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252097&bpp=1&bdt=1602&idt=456&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220%2C360x460&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=469

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 15:50:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 3696 2 KB
856 B 56ms
53ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:54:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame 3696 23 KB
9 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 3696 3 KB
1 KB 60ms
59ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 3696 20 KB
8 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:24 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3696 205 KB
65 KB 65ms
64ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 3696 37 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 03:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 May 2024 03:11:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BDAD 4 KB
655 B 63ms
62ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&h=220&slotname=6211502908&adk=3843801043&adf=2956701964&pi=t.ma~as.6211502908&w=1140&lmt=1707325252&format=1140x220&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252075&bpp=21&bdt=1580&idt=420&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&correlator=8645623342190&frm=20&pv=2&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 16:07:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame BDAD 2 KB
856 B 53ms
53ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:54:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame BDAD 23 KB
9 KB 55ms
52ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame BDAD 3 KB
1 KB 57ms
55ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame BDAD 20 KB
8 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:24 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDAD 205 KB
65 KB 103ms
102ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame BDAD 37 KB
15 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 18:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 03:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 May 2024 18:11:44 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 130A 33 KB
33 KB 54ms
52ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:28:47 GMT
x-content-type-options: nosniff
age: 545526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:28:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10726639201239587368/ Frame BDAD 34 KB
34 KB 87ms
87ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10726639201239587368/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6506690056eb956fc0d511fb6443589134d8a209dd175b2f0115d85fe257c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Wed, 07 Feb 2024 17:00:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34810
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 21:18:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Feb 2025 17:00:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9672630053582887867/ Frame BDAD 3 KB
3 KB 53ms
52ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9672630053582887867/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6785c7fea26206ab163226db955f0783fc35725b2092a742d6482b5539baa43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 11:55:56 GMT
date: Tue, 06 Feb 2024 11:55:56 GMT
x-content-type-options: nosniff
age: 104697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2855
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 18:20:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8295846021794220323/ Frame 3696 16 KB
16 KB 55ms
53ms Image
image/jpeg 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8295846021794220323/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2c17f6b67b83b7f353858d381970f211afa26203ea384fbec5246ecd5bec61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Thu, 06 Feb 2025 16:48:33 GMT
date: Wed, 07 Feb 2024 16:48:33 GMT
x-content-type-options: nosniff
age: 740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16206
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 18:37:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 3696 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3696 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BDAD 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b86f86a1237a932fdc667e803df34049991d84d1586d119c9bc9ba230ab7f47

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 130A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFqnBRLfDZceSJI22oPMP_KenyALA3YzRddmq8tSoEmQQASCxpZ8WYMmGgIDco8QQoAG7pceWKMgBCagDAcgDywSqBP0BT9BEEz1BaNrh8DvylS0mqT_iVxmHh50lxVx1FT7x6aKsaD_YUtv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9791159c3289cff00000000000000000%22,%222%22:%220x60774a04a6d938300000000000000000%22,%223%22:%220x70bfcd...

0
0

212ms
108ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9791159c3289cff00000000000000000%22,%222%22:%220x60774a04a6d938300000000000000000%22,%223%22:%220x70bfcdf437f235f70000000000000000%22,%224%22:%220x1918b4c912a1682b0000000000000000%22,%225%22:%220xab5eb76ccfd024b40000000000000000%22},%22debug_key%22:%2216995435303548072216%22,%22debug_reporting%22:true,%22destination%22:%22https://smartanswers.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210784723643%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223730890290662106609%22}&andc=true

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9791159c3289cff00000000000000000","2":"0x60774a04a6d938300000000000000000","3":"0x70bfcdf437f235f70000000000000000","4":"0x1918b4c912a1682b0000000000000000","5":"0xab5eb76ccfd024b40000000000000000"},"debug_key":"16995435303548072216","debug_reporting":true,"destination":"https://smartanswers.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10784723643"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"3730890290662106609"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 17:00:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 17:00:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9791159c3289cff00000000000000000","2":"0x60774a04a6d938300000000000000000","3":"0x70bfcdf437f235f70000000000000000","4":"0x1918b4c912a1682b0000000000000000","5":"0xab5eb76ccfd024b40000000000000000"},"debug_key":"16995435303548072216","debug_reporting":true,"destination":"https://smartanswers.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10784723643"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"3730890290662106609"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js Show response
pagead2.googlesyndication.com/bg/ Frame 229B 50 KB
19 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2f07dae83fb983cf823e03f7c31d8c57499966de88f9f8e50d3aa15075e6c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 16:45:55 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/14931604/
Redirect Chain

https://mc.yandex.com/watch/14931604?wmode=7&page-url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/14931604/1?wmode=7&page-url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Au...

447 B
566 B

188ms
180ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/14931604/1?wmode=7&page-url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A242269718125%3Ahid%3A395876810%3Az%3A-600%3Ai%3A20240207070052%3Aet%3A1707325253%3Ac%3A1%3Arn%3A644789874%3Arqn%3A1%3Au%3A1707325253406570631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C370%2C765%2C1%2C0%2C0%2C%2C1366%2C18%2C%2C%2C%2C2825%3Aco%3A0%3Acpf%3A1%3Ans%3A1707325249034%3Afp%3A2843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707325254%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%A0%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%9F%D1%80%D0%BE-%D0%94%D0%B5%D1%82%D0%BE%D0%BA.%D1%80%D1%84&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b40603fc9aa395f891d4f842bf0fb254d9db0805e6e2d9a37e9e94a0d97b2dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:00:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 07-Feb-2024 17:00:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn----htbduqdciw.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 07-Feb-2024 17:00:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:00:53 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 07-Feb-2024 17:00:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/14931604/1?wmode=7&page-url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1231%3Acn%3A1%3Adp%3A0%3Als%3A242269718125%3Ahid%3A395876810%3Az%3A-600%3Ai%3A20240207070052%3Aet%3A1707325253%3Ac%3A1%3Arn%3A644789874%3Arqn%3A1%3Au%3A1707325253406570631%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C370%2C765%2C1%2C0%2C0%2C%2C1366%2C18%2C%2C%2C%2C2825%3Aco%3A0%3Acpf%3A1%3Ans%3A1707325249034%3Afp%3A2843%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707325254%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20-%20%D0%A0%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%9F%D1%80%D0%BE-%D0%94%D0%B5%D1%82%D0%BE%D0%BA.%D1%80%D1%84&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin: https://xn----htbduqdciw.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 07-Feb-2024 17:00:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7624 0
20 B 118ms
117ms Ping
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20240206&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3927613342984110&output=html&adk=1812271804&adf=3025194257&lmt=1707325252&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l&format=0x0&url=https%3A%2F%2Fxn----htbduqdciw.xn--p1ai%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707325252133&bpp=5&bdt=1639&idt=444&shv=r20240206&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x220%2C360x460%2C360x460&nras=1&correlator=8645623342190&frm=20&pv=1&ga_vid=1142676079.1707325253&ga_sid=1707325253&ga_hid=997025043&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C31080649%2C31080797%2C31080887%2C42532523%2C44795921%2C95320376%2C95320869%2C95324155%2C95324161&oid=2&pvsid=3068872205251969&tmod=306224087&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=457

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:00:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3696 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a3ed8a642ec85a94331ebf001056c5a86fcb3b34d1ae14b5d7ad154207eafeb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 211ms
106ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 17:00:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 165 KB
56 KB 123ms
123ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f42d62f6fea58c9e7ac2905c9e339c0270a7a9e6ab89abf33f03657b1324981d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57026
x-xss-protection: 0
server: cafe
etag: 5640428284649518717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 17:00:53 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 3696 33 KB
33 KB 54ms
53ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:28:47 GMT
x-content-type-options: nosniff
age: 545526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:28:47 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDAD 15 KB
16 KB 56ms
52ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:18:35 GMT
x-content-type-options: nosniff
age: 546138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:18:35 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BDAD 15 KB
15 KB 60ms
57ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:31:21 GMT
x-content-type-options: nosniff
age: 545372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:31:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BDAD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C88BZRLfDZYSWI-mC3rsP0rKF8A3DhYqjc7iVivCEEsiLhZ4LEAEgsaWfFmDJhoCA3KPEEKABz5DzvCjIAQmoAwHIA8sEqgT-AU_Q1FipDpzE19iGlCI8o54PfIAmrhmX0YqBL-6DoNOB2l9...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0157d634366601a0000000000000000%22,%222%22:%220x3dd9783f81477c290000000000000000%22,%223%22:%220x5cf338...

0
0

109ms
109ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd0157d634366601a0000000000000000%22,%222%22:%220x3dd9783f81477c290000000000000000%22,%223%22:%220x5cf338cd8dbf11850000000000000000%22,%224%22:%220x97601dc4dd4cff650000000000000000%22,%225%22:%220x295548e4b048b7250000000000000000%22},%22debug_key%22:%222631575546813263112%22,%22debug_reporting%22:true,%22destination%22:%22https://prescriberpoint.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210865133647%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228909644069572616625%22}&andc=true

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xd0157d634366601a0000000000000000","2":"0x3dd9783f81477c290000000000000000","3":"0x5cf338cd8dbf11850000000000000000","4":"0x97601dc4dd4cff650000000000000000","5":"0x295548e4b048b7250000000000000000"},"debug_key":"2631575546813263112","debug_reporting":true,"destination":"https://prescriberpoint.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10865133647"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"8909644069572616625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 17:00:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 17:00:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd0157d634366601a0000000000000000","2":"0x3dd9783f81477c290000000000000000","3":"0x5cf338cd8dbf11850000000000000000","4":"0x97601dc4dd4cff650000000000000000","5":"0x295548e4b048b7250000000000000000"},"debug_key":"2631575546813263112","debug_reporting":true,"destination":"https://prescriberpoint.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10865133647"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"8909644069572616625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3696
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5O5TRLfDZbmMJvSUoPMP74m8yAT1rczcdYe92tmaEsv848qwCRABILGlnxZgyYaAgNyjxBCgAen99c8DyAEJqAMByAPLBKoE-gFP0F_-jrru1o_jpVleWzQakrTr_DM3jxzYp--G1B0nFyy...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc766af1e02ce28580000000000000000%22,%222%22:%220xfb0dec3af78b9e750000000000000000%22,%223%22:%220xc0cc5f...

0
0

111ms
110ms

Fetch
text/css

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc766af1e02ce28580000000000000000%22,%222%22:%220xfb0dec3af78b9e750000000000000000%22,%223%22:%220xc0cc5f219952dc0000000000000000%22,%224%22:%220x21a163eff0756d2c0000000000000000%22,%225%22:%220xd59f73686f13783f0000000000000000%22},%22debug_key%22:%226184345084319992607%22,%22debug_reporting%22:true,%22destination%22:%22https://searchcommons.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2202-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221965126393805205473%22}&andc=true

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc766af1e02ce28580000000000000000","2":"0xfb0dec3af78b9e750000000000000000","3":"0xc0cc5f219952dc0000000000000000","4":"0x21a163eff0756d2c0000000000000000","5":"0xd59f73686f13783f0000000000000000"},"debug_key":"6184345084319992607","debug_reporting":true,"destination":"https://searchcommons.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"1965126393805205473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 17:00:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 17:00:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc766af1e02ce28580000000000000000","2":"0xfb0dec3af78b9e750000000000000000","3":"0xc0cc5f219952dc0000000000000000","4":"0x21a163eff0756d2c0000000000000000","5":"0xd59f73686f13783f0000000000000000"},"debug_key":"6184345084319992607","debug_reporting":true,"destination":"https://searchcommons.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["02-07"],"6":["true"]},"priority":"500","source_event_id":"1965126393805205473"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js Show response
pagead2.googlesyndication.com/bg/ Frame FAD8 50 KB
19 KB 55ms
53ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2f07dae83fb983cf823e03f7c31d8c57499966de88f9f8e50d3aa15075e6c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 16:45:55 GMT

GET
H3 200 Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js Show response
pagead2.googlesyndication.com/bg/ Frame A95D 51 KB
19 KB 64ms
63ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19746
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 21:01:36 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 108ms
106ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 17:00:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 109ms
108ms Preflight
text/html 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 17:00:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/ Frame 2623 9 KB
4 KB 55ms
53ms Document
text/html 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 83531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 17:48:42 GMT
etag: 3890843268177463596
expires: Tue, 20 Feb 2024 17:48:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 2623 4 KB
671 B 65ms
64ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 16:12:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:54 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2623 205 B
229 B 58ms
55ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 16:00:43 GMT
x-content-type-options: nosniff
age: 3611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Feb 2025 16:00:43 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2623 604 B
628 B 58ms
56ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:57:00 GMT
x-content-type-options: nosniff
age: 3834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Feb 2025 15:57:00 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 2623 16 KB
7 KB 59ms
56ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 14:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 14359709190881042667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 14:22:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame 2623 22 KB
9 KB 60ms
57ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:57:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A70C 6 KB
706 B 65ms
65ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 17:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 15:01:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 17:00:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame A70C 2 KB
822 B 55ms
55ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:54:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame A70C 23 KB
9 KB 57ms
55ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame A70C 3 KB
1 KB 76ms
74ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame A70C 20 KB
8 KB 64ms
62ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:24 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A70C 205 KB
65 KB 77ms
75ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 17:00:54 GMT

GET
H3 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame A70C 37 KB
15 KB 62ms
60ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 03:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 May 2024 03:11:43 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 4-1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/ 108 KB
108 KB 314ms
312ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/4-1.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2fb93a722964ff382da5f3c15324146c1120e6131552751608c58e2d5a2b7d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:54 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 18:59:46 GMT
Server: nginx/1.18.0
ETag: "5e960822-1ae73"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110195

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 227ms
122ms XHR
application/json 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf388a6cb41a6a6ed78e7de642352a573bced1894ab0472351ea725043fa0e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0

GET
H3 200 ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js Show response
pagead2.googlesyndication.com/bg/ Frame B6B6 50 KB
19 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ovB9roP7mDz4I-A_fDHYxXSZlm3oj5-OUNOqFQdebIg.js

Requested by

Host: xn----htbduqdciw.xn--p1ai
URL: https://xn----htbduqdciw.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2f07dae83fb983cf823e03f7c31d8c57499966de88f9f8e50d3aa15075e6c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 16:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 16:45:55 GMT

GET
H/1.1 200
OK baby-218194_1280.jpg
xn----htbduqdciw.xn--p1ai/images/stories/food/ 89 KB
89 KB 327ms
326ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/food/baby-218194_1280.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d7e339b90af6afeb179bc90517fd8d528537217e6680896d45630036306f2530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:54 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Fri, 08 May 2020 19:50:25 GMT
Server: nginx/1.18.0
ETag: "5eb5b801-162b6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90806

GET
H/1.1 200
OK the-little-girl-3045364_1280.jpg
xn----htbduqdciw.xn--p1ai/images/stories/food/ 96 KB
96 KB 321ms
320ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/food/the-little-girl-3045364_1280.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

11f6313c9786016ba3da1ccec5ff088e05b90c9b3e8ae37456327e1d4bbe6ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:54 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Fri, 08 May 2020 19:49:58 GMT
Server: nginx/1.18.0
ETag: "5eb5b7e6-17eed"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98029

GET
H/1.1 200
OK 19-1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/beremen/svadeb/ 64 KB
64 KB 338ms
338ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/beremen/svadeb/19-1.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9ba36e6871d47101de256fab9607cbb913246324fa214daf401d8142da23470e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:54 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 19:01:46 GMT
Server: nginx/1.18.0
ETag: "5e96089a-fe0c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65036

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 17:00:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E89A 13 KB
5 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 16:29:27 GMT
expires: Thu, 06 Feb 2025 16:29:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF0E 829 B
1 KB 187ms
77ms Document
text/html 2607:f8b0:4004:c09::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::67 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea0d817873ceff35aa3f58604b879ac663421d349accdf007756fd581e5138e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PWeYRkrzcnWNtabwANNJzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn----htbduqdciw.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PWeYRkrzcnWNtabwANNJzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 17:00:54 GMT
expires: Wed, 07 Feb 2024 17:00:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDAD 42 B
64 B 112ms
112ms Fetch
image/gif 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDZ65ifdhVTAiI4bSZJf36FtYClm-e29OrkP6Zvr_e0awDKIqXf5QzTvZWqdLuF5AHLN3oAenhoeQKUbMuKpiOU34o5vCWzwyIC-fxA9pLNSSPoIARJOuM1Yho6oBkXmhO5ox_Wuzzfh5wqfJUqBc7kc-B87N2Lys&sai=AMfl-YTn8zJK81et385HGGqo3JOFumpKaAcIy5bdxIxGr9kdjbcCdL1phDEqTKn1bxS6L4fjbO_HM5tX6tWP5o81UXYgumhz_mNXcOIqiqnu2Pq6Sgg-ZxB2jbUubsyrFrWz2Zjb1HN9PwFxN4CdQK7g&sig=Cg0ArKJSzBTlFhJnWJXzEAE&cid=CAQSTgAvHhf_frwecyqZj1omfk79ojdMpOz7W3ykR0DqkhSc4jrCI_-6T8-QkohxGB8gCCyXBCZMKvtytHUjHT-fiKBRVqjiOzQ0WY1ametB7RgB&id=lidar2&mcvt=1000&p=0,0,220,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3843801043&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=325805300&rst=1707325252524&rpt=1237&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 17:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame E89A 39 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 20:54:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF0E 0
0 110ms
109ms Image
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240206&jk=3068872205251969&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E89A 0
10 B 52ms
52ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?thGtKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:00:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 4-1.jpg
xn----htbduqdciw.xn--p1ai/images/stories/ 108 KB
108 KB 166ms
164ms Image
image/jpeg 2001:41d0:602:1f56::
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn----htbduqdciw.xn--p1ai/images/stories/4-1.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:41d0:602:1f56:: , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2fb93a722964ff382da5f3c15324146c1120e6131552751608c58e2d5a2b7d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 17:00:55 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 14 Apr 2020 18:59:46 GMT
Server: nginx/1.18.0
ETag: "5e960822-1ae73"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110195

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 119ms
118ms Image
text/html 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240206&jk=3068872205251969&bg=!3d6l3pHNAAaxkZ3akZE7ADQBe5WfOBNNmnrthCPizTdYlNPJFjjw3ReM4410ptTpQkVtsigvfHrFwJ-qLy7k9uyKaiXIAgAAAiVSAAAABWgBBwoAq_Jjpax-FJ7wBkbFAA8Zmz58ho5t_ozHdO1mQiCsntq2Dw6pNxtJM4iLM0xltS5m3hmb9rMj0-3rYC2kacSNZyDylRj15I1W5Dbc5RMAHb4sbhlMgmeGbmdUwG3hc59SNcGuAMDmKxpKqrLGQWsWw6XkKSE79mRnoVGM-unwecl4-jisYceZApPNhNoCcVuKFtI2hYpNqUGyzNg3kZAhFJb8f4io5jjwT0khe5kCyc69ehY5FHfmGdjgZmKdiR6IHcydhR3wdOvbNRGKM1ZsKoFk011Lil_jITCWPq-2ZaoTcZ10k7AzfJVETMtGnuGMHQejE5cvm1IPgD3ijvx9v45idPTAlO_VOQKW09zNGwQC7j5EjoNwieci_eP5kBrb2d9-f4BHbbokKOhGZR1eeSZAqNlhJeBuezJmj2wvi566Jn6G-qADlUvjxijBXYzMxXKVZe-M6ShKkRtF0fZ2dGoQqY1a9f-45HDpGXmIVM0iEnfheH3kyk-M0fcb-f5iyAgCUiS4bSlOXz8YfPbAexHDbejoAblboPUCKSkC_pXXJrKZsi0CJBglCHkEUDiIY3mTM0rSiQKI5bEA7VV9IQTouYwv-CC2VsrxsAUMUrun6ra211kPl6DxJDoU02Xarp9opYZDUMWji2TIPzTQmYvz5IQnh6EYpGAmwqdhvysdcjQJkLwBAtH62WmlvDw4OqRs77pBhVFQEj0FGK954NaGeoLid-3pzE7HTXfgGY_ZigsVyB6J_IAXexh3WVFs-OuZAWsAFLkcVgpP-VVxqbUSpteNmeFTJ8j2PXICEhvMKAKc7ZY3cUZubbkSwIErxJOirA411vNw9NJrrD-AAVnuyYTvm4h2TuXmgrbFpmlFLKCVs5bZwlTXnr1fi5c7F2IyROVhW191PTQRm-xCpm4jq8jy4_i19jDb3lWTy_tJqWmlmDeOhde-Sm4jYwCUCTgwK-T3eYoe-IAwa7WBuHfuGOsruYfTmU2Fe2_ZqDeEAeQRXjhHXgqLcjGeaIbjwSKeSqgYE6lddh97uZMkPHR_DKINrOpCl0apoPUC5_6SDQpVp8IP6CskKS31PInEubxuneOtZ-hJ_r1m8NmDI1Otz73b3TVjCve2Xyx823XxzPgMp1yqSs_A7NlY_ojpMHHtD9M73Hl1RKmsP1YRyb422yde6825
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xn----htbduqdciw.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xn----htbduqdciw.xn--p1ai/	1969-12-31 23:59:59	Name: 5ace6f3a4d24dd573ac17bfbda3d809f Value: f483498dc18bcd3431140827efc6f285
.yadro.ru/	1970-01-21 02:59:49	Name: FTID Value: 1bmxT42QIoek1bmxT40024dL
.yadro.ru/	1970-01-21 02:59:49	Name: VID Value: 1Y9khq3-Y98k1bmxT4002IdE
.xn----htbduqdciw.xn--p1ai/	1970-01-21 03:01:01	Name: _ym_uid Value: 1707325253406570631
.xn----htbduqdciw.xn--p1ai/	1970-01-21 03:01:01	Name: _ym_d Value: 1707325253
.mc.yandex.com/	1970-01-20 18:15:25	Name: sync_cookie_csrf Value: 1924800775fake
.yandex.com/	1970-01-21 03:51:25	Name: i Value: vpQkFfugHaWSCk8AbsfMC6C7Cp7gSTu5LeWK9CNAtdQCyLyxd+RGUEv8bC3eJfHPYSgaXGYwjzV4NuKziZeEXdhJN1E=
.yandex.com/	1970-01-21 03:01:01	Name: yandexuid Value: 638563821707325252
.xn----htbduqdciw.xn--p1ai/	1970-01-20 18:16:37	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 18:15:25	Name: sync_cookie_csrf Value: 636339017fake
.mc.yandex.com/	1970-01-20 18:16:51	Name: sync_cookie_ok Value: synced
.xn----htbduqdciw.xn--p1ai/	1970-01-21 03:37:01	Name: __gads Value: ID=14e4a73fecba426a:T=1707325252:RT=1707325252:S=ALNI_MYFVk8sHcXZjgWUTB0G5yq_877fkQ
.xn----htbduqdciw.xn--p1ai/	1970-01-21 03:37:01	Name: __gpi Value: UID=00000a0beab6c046:T=1707325252:RT=1707325252:S=ALNI_MbiU8FeeuJBZHuDHUFJuEMndKGe9A
.xn----htbduqdciw.xn--p1ai/	1970-01-20 22:34:37	Name: __eoi Value: ID=76dd55b09b5be304:T=1707325252:RT=1707325252:S=AA-AfjYDxfo2JStLVr7WoqJzPl4P
.yandex.ru/	1970-01-21 03:51:25	Name: yandexuid Value: 638563821707325252
.yandex.ru/	1970-01-21 03:51:25	Name: yuidss Value: 638563821707325252
.yandex.ru/	1970-01-21 03:51:25	Name: i Value: vpQkFfugHaWSCk8AbsfMC6C7Cp7gSTu5LeWK9CNAtdQCyLyxd+RGUEv8bC3eJfHPYSgaXGYwjzV4NuKziZeEXdhJN1E=
.yandex.ru/	1970-01-21 03:51:25	Name: yp Value: 1707411653.yu.9468212661707325252
.yandex.ru/	1970-01-21 03:01:01	Name: ymex Value: 1709917253.oyu.9468212661707325252
.doubleclick.net/	1970-01-21 03:51:25	Name: IDE Value: AHWqTUlCEwQOXnfcPjBjVjXuv4aktLy_SLHeue0-MGKh79P65BlTpsn6ixNJP7LgjIA
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1822009941707325253
.yandex.com/	1970-01-21 03:01:01	Name: yuidss Value: 638563821707325252
.yandex.com/	1970-01-21 03:01:01	Name: ymex Value: 1738861253.yrts.1707325253
.yandex.com/	1970-01-21 03:01:01	Name: bh Value: KgI/MA==
.googleadservices.com/	1970-01-20 20:25:01	Name: ar_debug Value: 1

56 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xn----htbduqdciw.xn--p1ai/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
xn----htbduqdciw.xn--p1ai
172.253.63.154
2001:41d0:602:1f56::
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::67
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1d::9a
2a02:6b8::1:119
2a04:4e42:200::485
88.212.201.204
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
11f6313c9786016ba3da1ccec5ff088e05b90c9b3e8ae37456327e1d4bbe6ddb
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1b1ed18aa84df5a07c628e36842c66f27b56336d011ad5232dda818f7443ded4
1d2367cdb1ee8234af9e8422c8ada9ac1c5c11d1793a36005dc42961bc898235
1fba9fe245ea83241425e2ce6205dbf2277fc0b74290bf502bc3de430b3c6da0
213ba3b129e6ba7b11d8da377049bfc220b77b84d9a4f5d2fe35e0f3af334ae3
233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e202915a15ad98684b31faf19763a586121f9eeee9538424281e7a918c56cc6
2fb93a722964ff382da5f3c15324146c1120e6131552751608c58e2d5a2b7d30
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3734291eaba81f5724e393a818816072648a63bc0019f83c4999b93e269a5c08
3983dcb579bf362b96c2e378b208d16abfbfe536613b65b81873c2787ebe2857
3a3ed8a642ec85a94331ebf001056c5a86fcb3b34d1ae14b5d7ad154207eafeb
3c5fd05dd7b50a6a9131c8eae4bae12c1478a7195284852d1f3974a0da4cdd10
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3fad30cdd4bf202fbba32773c66f663fca89a535a76ea381871cfce9c337e1f6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
482625f9d55feac9a3187b21e5a8ac098bdfaa328a094f7b4dd2d24ba59056e8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
5b86f86a1237a932fdc667e803df34049991d84d1586d119c9bc9ba230ab7f47
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2aa1f7433ffbba7432a3eee9ff10f5a1d5045f65c16efe35babb283e3c7079
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657789d4c08945ff9f19b40ae8f7b9077fb296c8201725aa82ae9ba861d1e1b8
658f3f511392aa3e2094781219447ec64f97a8fa4129341914038f35a1c87c72
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7092b870a61c2019b0ce2547febd17b21d397ec3e699d938d56df9304f07c1a1
732c15c24701b16f2a6c037c721c6021eadd61efdb12f9ecff001de5bde74d19
76baf7ddc2473c482726d7265054924ed50794d89cf2a16496f5b950286b8958
7bf370ea2e963cdb7d4aa7b97268f370bae3039fc6ed11159426424587d7648b
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
871af13393572ae3073add078f33adfef3a67d6ba16ed3ff1cc0e9877c5f088a
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8c9b87fa2476f8a20115db7efed8af063f57c0ad1b479774cda97962dead9be8
8ec2de5deeb456247ba36e6d820c06f8965d9c5ae0fce8dd7d10922768620ad3
8ffb60c8c0450467675393cf6a7a1c0f3a02a24f3d20a87edfc74ae4c0202673
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ba36e6871d47101de256fab9607cbb913246324fa214daf401d8142da23470e
9f8a6ade8f25185182301e10575c35eb52b92674d8e67012e5ad15331de8bb61
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
a096963085e2e719f97443881d1401d17040ac0d06b1116aba613c9763e10f48
a1a0590683b09ec5bf498b6a050cea23f7ba298bdaf36aaea35aa7002c30b787
a2f07dae83fb983cf823e03f7c31d8c57499966de88f9f8e50d3aa15075e6c88
a78e30adc0f491eb7917ed7a04c472151c7064c3fa7230009cf2abc19468b9e7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab9da59c4e6b379ab136b4f4e7b8273c02c09ccce1db3dbb61b163b221df7394
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b213c9766f8f076ca4469d5205332c18bcdbb70a5e986f3e76eef9cf4eb6990f
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b40603fc9aa395f891d4f842bf0fb254d9db0805e6e2d9a37e9e94a0d97b2dfa
b526d77816ab4d998b5fbca1088b8cbf191a5f4aab39eefbe535c971ad17e501
be2c17f6b67b83b7f353858d381970f211afa26203ea384fbec5246ecd5bec61
bf388a6cb41a6a6ed78e7de642352a573bced1894ab0472351ea725043fa0e4d
c6e0cc10b627fb2c7c2820a43fdba7371df5d07198993166f8afdc5675f97def
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
ca87f1fa21a44d838075fc6555f61217740df026b1a877c50c45e453b3a4f7c6
cefaae4bb96907ee5618394978255228f936212149a484dd0d2f531aacf04e19
d7e339b90af6afeb179bc90517fd8d528537217e6680896d45630036306f2530
dba37a4ca06d29ea44c0150937fd31f65b8da846f90e67a54d4b189648d61bf7
de14e7dea9dab36966559a1cbec8fd41d0fbb21d519b1e8415bb959893511fc4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47b430094930ac62c0ea935cc3aa70d3b3c315e871760afca51ad930cb6b3ad
e6506690056eb956fc0d511fb6443589134d8a209dd175b2f0115d85fe257c43
e6785c7fea26206ab163226db955f0783fc35725b2092a742d6482b5539baa43
e7c8f63e0d2d003d33535837a840f58490308af3c7af990ff0e47482087a4902
e9b78ce1cbff9e258afa3a91f5b9a0fe64ce792691eda7f66b9eaad19e468e83
ea0d817873ceff35aa3f58604b879ac663421d349accdf007756fd581e5138e9
ea6cf37fa8d338a76b8bd17e0f89efee78e46e914a6886cd1ce1b66af4fab321
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5bbed46067690dfeabba9e80119df6ec3562fc55f5555b703595894307ed1e
f42d62f6fea58c9e7ac2905c9e339c0270a7a9e6ab89abf33f03657b1324981d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fac5923d94f4115f4698dfbf01e8b664c52d8d2437b763a3456cda9ff28bd8bb

xn----htbduqdciw.xn--p1ai Open in urlscan Pro Puny про-деток.рф IDN 2001:41d0:602:1f56:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

95 %HTTPS

83 %IPv6

12 Domains

14 Subdomains

13 IPs

3 Countries

3201 kBTransfer

5352 kBSize

25 Cookies

4 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn----htbduqdciw.xn--p1ai Open in urlscan Pro Puny
про-деток.рф IDN
2001:41d0:602:1f56:: Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

95 %
HTTPS

83 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

3201 kB
Transfer

5352 kB
Size

25
Cookies

112 HTTP transactions
10 data transactions