hi.ru Open in urlscan Pro
2a00:15f8:a000:5:1:11:5:3f30 Public Scan

URL:
https://hi.ru/?md81
Submission: On April 13 via manual (April 13th 2021, 7:38:49 am UTC) from RS

Summary HTTP 259 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 36 domains to perform 259 HTTP transactions. The main IP is 2a00:15f8:a000:5:1:11:5:3f30, located in Russian Federation and belongs to MASTERHOST-AS Moscow, Russia, RU. The main domain is hi.ru.
TLS certificate: Issued by R3 on February 23rd 2021. Valid for: 3 months.

This is the only time hi.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a00:15f8:a00... 2a00:15f8:a000:5:1:11:5:3f30	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:15f8:a00... 2a00:15f8:a000:5:1:14:7:1fd5	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	198.24.170.50 198.24.170.50	19437 (SS-ASH) (SS-ASH)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 31	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
26	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5 5	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
19	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5 5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
4	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	152.199.21.117 152.199.21.117	15133 (EDGECAST) (EDGECAST)
3	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2 2	54.149.220.116 54.149.220.116	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	188.138.33.34 188.138.33.34	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
4	13.226.155.106 13.226.155.106	16509 (AMAZON-02) (AMAZON-02)
2	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
4	52.213.184.2 52.213.184.2	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
259	43

26 2a00:15f8:a000:5:1:11:5:3f30 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

hi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:15f8:a000:5:1:14:7:1fd5 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

photoshosting.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.24.170.50 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.253.211 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.30.24.241 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.69.120 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.21.117 (United States)

ASN15133 (EDGECAST, US)

ssl.cdne.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.190 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Ketsch, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.220.116 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-220-116.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.138.33.34 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: loft9037.serverprofi24.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.155.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-106.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.184.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	349 KB
38	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	117 KB
32	photoshosting.ru photoshosting.ru	512 KB
26	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	769 KB
26	hi.ru hi.ru tv.hi.ru Failed	311 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	238 KB
8	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	210 KB
8	webgains.com track.webgains.com diapi.webgains.com	197 KB
7	googletagservices.com www.googletagservices.com	244 KB
6	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	9 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal90003.redintelligence.net	9 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com	5 KB
5	pubmatic.com 5 redirects image6.pubmatic.com	4 KB
5	openx.net 5 redirects rtb.openx.net	2 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	google.com 2 redirects adservice.google.com www.google.com	1 KB
5	cpmstar.com server.cpmstar.com ssl.cdne.cpmstar.com	35 KB
4	m-t.io w-it.m-t.io	475 B
4	awin1.com www.awin1.com	3 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com	1 KB
3	quantserve.com cms.quantserve.com	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	471 B
2	google.de adservice.google.de	2 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	699 B
2	yandex.ru 1 redirects mc.yandex.ru	44 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	contentspread.net cdn.contentspread.net	64 KB
1	mookie1.com odr.mookie1.com	324 B
1	googleadservices.com partner.googleadservices.com	635 B
1	criteo.com gum.criteo.com	150 B
1	criteo.net static.criteo.net	37 KB
259	36

	Domain	Requested by
32	photoshosting.ru	hi.ru
31	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net hi.ru tpc.googlesyndication.com pagead2.googlesyndication.com
26	hi.ru	hi.ru
19	cm.g.doubleclick.net	hi.ru googleads.g.doubleclick.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hi.ru
14	pagead2.googlesyndication.com	hi.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	assets.ad4m.at	as.ad4m.at
10	ad4m.at	googleads.g.doubleclick.net ad4m.at
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	track.webgains.com	as.ad4m.at analytics.webgains.io
5	ssum-sec.casalemedia.com	5 redirects
5	image6.pubmatic.com	5 redirects
5	rtb.openx.net	5 redirects
5	mc.yandex.com	2 redirects hi.ru
4	w-it.m-t.io	analytics-wg.webgains.io
4	api.webgains.io	analytics.webgains.io
4	www.awin1.com	as.ad4m.at
4	as.ad4m.at	ad4m.at as.ad4m.at
4	hal90003.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90003.redintelligence.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	ssl.cdne.cpmstar.com	hi.ru
3	pixel.rubiconproject.com	3 redirects
3	id.rlcdn.com	2 redirects hi.ru
3	cms.quantserve.com	googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects hi.ru
2	analytics-wg.webgains.io	analytics.webgains.io
2	diapi.webgains.com	track.webgains.com
2	analytics.webgains.io	track.webgains.com
2	e.dlx.addthis.com	2 redirects
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	ad4mat.net	ad4m.at
2	static-de.ad4mat.net	ad4m.at
2	googlecm.hit.gemius.pl	2 redirects
2	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.tns-counter.ru	1 redirects hi.ru
2	mc.yandex.ru	1 redirects hi.ru
2	server.cpmstar.com	hi.ru server.cpmstar.com
2	counter.yadro.ru	1 redirects hi.ru
2	fonts.googleapis.com	hi.ru googleads.g.doubleclick.net
1	cdn.contentspread.net	hal90003.redintelligence.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	hi.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	gum.criteo.com	static.criteo.net
1	static.criteo.net	hi.ru
0	tv.hi.ru Failed	hi.ru
259	54

This site contains links to these domains. Also see Links.

Domain
search.hi.ru
mail.hi.ru
news.hi.ru
finance.hi.ru
pogoda.hi.ru
tv.hi.ru
otvet.hi.ru
games.hi.ru
online.hi.ru
soft.hi.ru
translate.hi.ru
maps.hi.ru
id.hi.ru
server.cpmstar.com
corp.hi.ru
vk.com
www.facebook.com
ok.ru
twitter.com

Subject Issuer	Validity	Valid
*.hi.ru R3	`2021-02-23` - `2021-05-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
photoshosting.ru R3	`2021-02-23` - `2021-05-24`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
ssl.cdne.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2021-02-24` - `2022-03-28`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-04-09` - `2021-07-09`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://hi.ru/?md81
Frame ID: BA85ABE21F5BEE905C03989073929458
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210407/r20190131/zrt_lookup.html
Frame ID: A4A1F61335CCAAB8CB9BFE39EDCAAC8D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=hi.ru
Frame ID: 079C5ACB01C0709FE427D4A8BE478046
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1618299508&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&ea=0&flash=0&pra=5&wgl=1&dt=1618299508247&bpp=14&bdt=356&idt=196&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6871727324126&frm=20&pv=2&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: BB720F472F461AA07C6FBC2B02B5AD34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236
Frame ID: 21478DB9CE04ADD5562E08F235C569C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1618299508&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508277&bpp=1&bdt=387&idt=229&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7N407FOJbX&p=https%3A//hi.ru&dtd=233
Frame ID: 5C7289A4B771A0A1E2AF833C3EBBEA1D
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241
Frame ID: 143520A948BD54F9F6D89831D125D308
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508311&bpp=1&bdt=420&idt=216&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=Kg0rcOZBQa&p=https%3A//hi.ru&dtd=218
Frame ID: 98DCFB00F303F24B71C658827EAE9EF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508313&bpp=11&bdt=422&idt=254&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kvZM4N4MLJ&p=https%3A//hi.ru&dtd=258
Frame ID: 2C78D0B3ACCF56FF24A53DE90684DD89
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237
Frame ID: 6A3BE01473E1A9B3DA46922FA65A312B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
Frame ID: 38114EE1C090C504CAB0B7232E7746BE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
Frame ID: A33C4C8A7BB90CE5C08D291149530F99
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BDA9C6AEA888142C32E9236AE230D8E4
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
Frame ID: DEFB231E1B62A29745013AA3EE9EFB51
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 586E9E34B6A02BFE513742D0CCA850CC
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AD4D02B694F6EBE4B9F244C09CDACD26
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 330DBB023FE0FB765B189F8688C4B6D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C77ZMdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMABT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgImBfwOJj4ieS35FJAaXU4S68gAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAbIXGAoWEhRwdWItNTc5ODg2NzI0OTg4NzAzMw&sigh=rVxUxN50YBo&tpd=AGWhJmsRk0XF7kqMSegsapIr_5v4uYu9ehk5jpfHcDfVp6qP8Ck03fOZCs6jzFwYtmwEOVsn8JluJvjRdNZZ4IQWgiWSK0ZjuvKe4JWVtQIUj-IXjY7SpdXRaZE5mgsxwnfumyvLGqgZca9YBfbgM0aNeZKWKDuGC4ut_Av34v3kqjOBN7kfRA379EUPyjTzRX_p1ZG18pmCS1TNhQ0u7b3FDgUZ_EW860rf7Dy9IFCeWr51vtlnKLYGmsnkr7JqBR82WdOOAWuuYxKzrIQwl8UM2rTGgoH6CDCuLMDOzcLRnMkEWNgcHSPTBfN63skGvwESIbDbqGf1oWTxarHNyBKURFDCW1nzTFSIwPkaVWHWwO61Da_KMcPEVQWd1HwDd7pifu6RIgvkANnI__vhWmKma4TbrSStpuZx_isJQaYYaYasVHCtmBAmgJdbMk2ECeGz_Qynwreq80AgEFa74SZ3ptuGR-tmzq-kvTTEafCcBeiX3qQHdaHewRSw0C-VKqvkwReHIhwH8nKa5SbXKf362uFDBckplsLoBCpRTqUA75kTTVfvsOx2NnInZtTd9hnJDhiFacaK00ZMllFQCjKafKU6daZ53Fg3Lty-CnelSgv7Hi152IuxPuwV8MfsDer2zugSevj6yAUK3f4Xv09BE1Y8A4jafYBAjMv8qANOAS8rSA9DMmljJ_pfomnl0IfPAS85BQPgxObAzB9olUNtEYIrREhT6zAvZS8EyoZfZxgalQDo7umvko5qIPpDz2ykKbSlQdAEDnHe8n-NbaZTb9IdwH_0g6g6AMdGcnKPNsiLZK0__RlOrgeuzWr3CFxUnQ34CzeLhc0KLIXFnks1awB8eRNFjSdZUu7Jci_tlYwhYgRqjNhSFO-D8uWXxegPemREyPArlVaOPgutjjpfJKRwa-hnV34VklMpkpQiOzu0QqAvl_wPgVbmh5J6G0HWnpPC0zdi1A4Exrh4Q-_B7uqEvEkl_iHgLWEWRBf9PL_-Z-8RQfykmAb_ZHZ1McG5kSADdkh3DgghapaCegT9LUXIcgI
Frame ID: 1C6E27574F38C91719A1957DA01B4728
Requests: 12 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: D64B70CC9D7F6506D027A61141341FE3
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: ED1F6F4A6541619D6A2C5FDEEAA4256C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html
Frame ID: C7BE875353CBE8D860F0EFCEF0AF95AE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=ClfMedEp1YOe8H8mS7_UPsYOomAmZpbaOYpepx-v7DOzDtauuARABIOehgHpglQKgAeawvb8DyAEJqQLQlJ9nn_azPqgDAcgDSKoExgFP0PEOkREbY-rFkgEhZ6ZWuh9PW89D4izwGt3Sy5SuL_YDcKXDxGyJR0uvC3eimWXi7nYZ73gpX9S7oB9zwR_fScWM8yKXHdcCL53JPwI4RJCsMY0kanl1jkSaQJMDvs3kK2QrZNGFn8H4R2FybAL-PW2zAWmNLg3Zv8-8_r13t5StXlxA1bGyYkKeas1RRbWIqsmJcYf937HaERPdqdJXxoKvPxCC_Z4zhrZs7hSfILUSc8OCw37QKWLJhNIBANfq7nSD127ABKner8TBA5IFBAgEGAGSBQQIBRgEoAYugAeCz8JAqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELGuB9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=AYNBkD4Ouxs&template_id=419&tpd=AGWhJmtoKe869PebReBeJiMLWMXUiwjw5zLuXL7X0PTw_5ryog
Frame ID: BCA08B0BF984582FF1BBB333527EA19A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F2B42E2E83FC83BC892F1555B6C7828E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8FA3E1C98E64A4DF5198850842045D96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Frame ID: 58E5DA9E9D6758ABCE7854F3A3D7403D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Frame ID: 03F908DCACF0080EB43ECDBBF2612E32
Requests: 1 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=26145600051394800951399011563003&a=3f6a5775
Frame ID: F63AB6B82DC75A7EE934A8DFDC450675
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68B10220721680CF98E7CEE9E4ACF3DD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0DC58F8B096F010E3AB834CC386E6730
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Frame ID: 11A05BB8C8C89B087704C80E16C472F6
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Frame ID: AB3F1137C1A0CDCCF13262859A750C13
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

259
Requests

100 %
HTTPS

51 %
IPv6

36
Domains

54
Subdomains

43
IPs

6
Countries

3159 kB
Transfer

5380 kB
Size

9
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: http://search.hi.ru/
Title: Search

Search URL Search Domain Scan URL

URL: http://mail.hi.ru/
Title: Mail

Search URL Search Domain Scan URL

URL: https://news.hi.ru/
Title: News

Search URL Search Domain Scan URL

URL: http://finance.hi.ru/
Title: Finance

Search URL Search Domain Scan URL

URL: http://pogoda.hi.ru/
Title: Weather

Search URL Search Domain Scan URL

URL: http://tv.hi.ru/
Title: TV

Search URL Search Domain Scan URL

URL: http://otvet.hi.ru/
Title: Answers

Search URL Search Domain Scan URL

URL: http://games.hi.ru/
Title: Games

Search URL Search Domain Scan URL

URL: http://online.hi.ru/
Title: Movies

Search URL Search Domain Scan URL

URL: http://soft.hi.ru/
Title: Software

Search URL Search Domain Scan URL

URL: http://translate.hi.ru/
Title: Translator

Search URL Search Domain Scan URL

URL: http://maps.hi.ru/
Title: Maps

Search URL Search Domain Scan URL

URL: https://news.hi.ru/politics
Title: Политика

Search URL Search Domain Scan URL

URL: https://news.hi.ru/incidents
Title: События

Search URL Search Domain Scan URL

URL: https://news.hi.ru/economy
Title: Экономика

Search URL Search Domain Scan URL

URL: https://news.hi.ru/auto
Title: Авто

Search URL Search Domain Scan URL

URL: https://news.hi.ru/society
Title: Общество

Search URL Search Domain Scan URL

URL: https://news.hi.ru/sport
Title: Спорт

Search URL Search Domain Scan URL

URL: https://news.hi.ru/in-the-world
Title: В мире

Search URL Search Domain Scan URL

URL: https://news.hi.ru/culture
Title: Культура

Search URL Search Domain Scan URL

URL: https://news.hi.ru/science
Title: Наука

Search URL Search Domain Scan URL

URL: https://news.hi.ru/cosmos
Title: Космос

Search URL Search Domain Scan URL

URL: https://news.hi.ru/hi-tech
Title: Hi-Tech

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207456
Title: Эксперты назвали россиянам альтернативу отдыху в Турции

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207468
Title: Военные подорвали на Енисее ледяные заторы и защитили от паводка Кызыл

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207457
Title: Компания S7 приостановила рейсы в Турцию с 15 апреля по 1 июня

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207458
Title: Следует ли опасаться громкого хруста в суставах? Сегодня, 7:44 Следует ли волноваться из-за появления щелчков и хруста в суставах, в эфире радио «Спутник» рассказал мануальный

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207459
Title: Главные новости за ночь: тушение «Невской мануфактуры», формула богатства и личности Сегодня, 6:47 Редакция «МИР 24» подготовила дайджест главных событий за ночь, которые вы могли пропустить.Спасатели локализовали

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207428
Title: Первый в космосе: в Беларуси установили бронзовый бюст Юрия Гагарина 12.04.2021, 22:52 В Брестской области Беларуси в День космонавтики установили бронзовый бюст Юрия Гагарина. Он появился в агрогородке

Search URL Search Domain Scan URL

URL: http://news.hi.ru/society/207429
Title: Мосты Санкт-Петербурга готовы к навигационному сезону 12.04.2021, 21:49 Мосты Санкт-Петербурга готовы к навигационному периоду. За лето по Неве проходят более трех тысяч судов. Для того чтобы их пропустить, разводят 12 мостов. Внутри одного из них – Дворцового – побывала

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics
Title: Политика

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/207453
Title: Конституция Кыргызстана: что изменили в основном законе страны 12.04.2021, 13:01 Накануне в Кыргызстане состоялся референдум по проекту новой Конституции. «МИР 24» рассказал подробнее о том, какие изменения появились в основном законе страны.Теперь главу правительства и его команду будет назначать

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/207409
Title: Международные наблюдатели высоко оценили референдум и местные выборы в Кыргызстане 12.04.2021, 12:59 Почти 80% избирателей поддержали проект новой Конституции Кыргызстана. Накануне в стране прошел референдум и выборы в

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/207363
Title: Голосование в Кыргызстане: в Центризбирком поступило около 50 жалоб на местные выборы 12.04.2021, 8:00 Проект новой Конституции Кыргызстана поддержали около 80% избирателей. Накануне в стране прошел референдум и выборы в

Search URL Search Domain Scan URL

URL: http://news.hi.ru/politics/207310
Title: Наблюдатели от СНГ: Референдум в Кыргызстане соответствовал международным стандартам 12.04.2021, 7:41 В миссии наблюдателей от СНГ считают, что референдум по принятию новой конституции Кыргызстана соответствует

Search URL Search Domain Scan URL

URL: http://news.hi.ru/economy
Title: Экономика

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world
Title: В мире

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world/207471
Title: В Турции на месяц закрываются бары и рестораны

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world/207472
Title: Япония сбросит воду в океан с аварийной «Фукусимы-1» после тщательной очистки

Search URL Search Domain Scan URL

URL: http://news.hi.ru/in-the-world/207460
Title: Пес Байдена пройдет курс дрессивровки из-за агрессивного поведения в Белом доме

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport
Title: Спорт

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/207461
Title: Московский ЦСКА стал первым финалистом Кубка Гагарина Сегодня, 7:11 Московский ЦСКА обыграл петербургский СКА в шестом матче серии финала плей-офф Западной конференции Континентальной хоккейной лиги (КХЛ), пишет газета «Спорт-Экспресс». Как отмечается, поединок прошел накануне в

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/207462
Title: «Барселона» впервые возглавила рейтинг самых дорогих футбольных клубов мира Сегодня, 6:49 Журнал Forbes обнародовал новый список 20 самых дорогих клубов мира. Впервые за 16 лет его возглавила каталонская

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/207463
Title: «Спартак» требует наказать судью матча с «Локомотивом» за нарушение дисциплинарного Сегодня, 6:22 Футбольный клуб «Спартак» считает, что главный арбитр матча с «Локомотивом» Кирилл Левников нарушил дисциплинарный

Search URL Search Domain Scan URL

URL: http://news.hi.ru/sport/207446
Title: Матчи НХЛ и НБА перенесли из-за убийства афроамериканца в Миннесоте Сегодня, 2:51 Матч регулярного чемпионата Национальной хоккейной лиги (НХЛ) между «Миннесотой» и «Сент-Луисом» перенесли на 12 мая.

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto
Title: Авто

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144911
Title: Porsche привез в Россию новый Macan Turbo

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144924
Title: Ульяновский завод Bridgestone начал поставки зимних шин в Европу

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144885
Title: Самые возрастные владельцы автомобилей LADA ездят на внедорожнике 4x4

Search URL Search Domain Scan URL

URL: http://news.hi.ru/auto/144960
Title: Renault Arkana появился в российском каршеринге

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech
Title: Hi-tech

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148177
Title: Каждого пятого реактора российских вузов поймали на плагиате

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148174
Title: Redmi выпустит флагман на Snapdragon 855 Plus дешевле конкурентов

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148170
Title: Google запустила горячую линию для звонков роботу

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148176
Title: Американские военные констатировали, что НАТО слабее России

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148171
Title: Беспроводные наушники научили разблокировать смартфон и подтверждать платежи

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148175
Title: Найден способ продления срока службы Международной космической станции

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148172
Title: Huawei презентовала «умный» телевизор

Search URL Search Domain Scan URL

URL: http://news.hi.ru/hi-tech/148173
Title: Huawei представила новые «умные» часы с двухнедельной продолжительностью работы

Search URL Search Domain Scan URL

URL: http://news.hi.ru/incidents
Title: События

Search URL Search Domain Scan URL

URL: https://id.hi.ru/reg
Title: Create account

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=465217&creativeid=1260399&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=465231&creativeid=1260398&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=457608&creativeid=1234000&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=74084&subpoolid=0&campaignid=457169&creativeid=1231680&imptld=hi.ru

Search URL Search Domain Scan URL

URL: http://pogoda.hi.ru/?city_id=524901
Title: Погода

Search URL Search Domain Scan URL

URL: http://maps.hi.ru/?l=524901
Title: Пробки

Search URL Search Domain Scan URL

URL: http://news.hi.ru/culture/207473
Title: Гузель Яхина рассказала о новом романе «Эшелон на Самарканд» и плагиате

Search URL Search Domain Scan URL

URL: http://news.hi.ru/science/207474
Title: В древнем городе майя нашли скрытую цитадель

Search URL Search Domain Scan URL

URL: http://news.hi.ru/incidents/207469
Title: СК: По делу о пожаре в Петербурге задержан гендиректор «Невской мануфактуры» и его заместитель

Search URL Search Domain Scan URL

URL: http://news.hi.ru/science/207475
Title: В бобах нашли вещество, подавляющее рак головного мозга

Search URL Search Domain Scan URL

URL: http://news.hi.ru/science/207464
Title: В России создали первый ныряющий патрульный корабль «Страж»

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/
Title: О проекте

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/adv
Title: Реклама

Search URL Search Domain Scan URL

URL: http://corp.hi.ru/contact
Title: Контакты

Search URL Search Domain Scan URL

URL: https://vk.com/hi_ru_official

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hiruportal/

Search URL Search Domain Scan URL

URL: https://ok.ru/hi.ru.official

Search URL Search Domain Scan URL

URL: https://twitter.com/hi_ru_official

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/vk.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/fb.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/ok.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/google.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/mailru.php

Search URL Search Domain Scan URL

URL: http://id.hi.ru/nmain/oauth/twitter.php

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.2562620619363605 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.2562620619363605

Request Chain 69

https://www.tns-counter.ru/V13a***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/535503990 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/535503990

Request Chain 81

https://sb.scorecardresearch.com/b?c1=2&c2=20651854&ns__t=1618299508523&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1618299508523&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=&cs_ak_ss=1

Request Chain 88

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9242.PJXdWkgahDex6pM4fBh0XAv107OYmoDoV36C_ts5RHV8dEW3SeZsty8CB-Y4kyFN.jdOGPgQLaRqUizS2LQljd95-5p0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9242.heLehOAM7STWxV9gksbErSIXSI-5dw_f_cQ3zfQQ5MoVB93m5EA82aSNSPmPTfE6PtKY9R3Hgd2KGbRl-wdqdQ%2C%2C.xbXM9K2YrBnEQV-YPJB2FQTjvIE%2C

Request Chain 105

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKVsODIqeYjX3kwiC5krKAAdQJwtlnuZraQDT1ctpwz75oS4QMRrl8ZR476qPyC4y5tz-QHI-Sw56cqogJ86vp7p-Uj36zh&google_gid=CAESEIux3V0vR9jzQcYg3VwEeLg&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPSU1YMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLVnNPRElxZVlqWDNrd2lDNWtyS0FBZFFKd3RsbnVacmFRRFQxY3Rwd3o3NW9TNFFNUnJsOFpSNDc2cVB5QzR5NXR6LVFISS1TdzU2Y3FvZ0o4NnZwN3AtVWozNnpo

Request Chain 106

https://rtb.openx.net/sync/dds?google_gid=CAESEPtPdofn21G9MidTPLL80v0&google_cver=1&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPtPdofn21G9MidTPLL80v0&google_cver=1&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88&google_hm=WVKvvojFwXEFU052cRjv1A==

Request Chain 107

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOvMky0ZOlIzF-t7KQTLoYs&google_cver=1&google_push=AQvitUIF39A8EYqqKDzcKgenV54BbvSsuQNgN8qSubGmbyy6XND2ZjXsA0AZG1UAf8BbHAovm4wO4-RqOUtAo4E2J33GO5uR9QGL HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOvMky0ZOlIzF-t7KQTLoYs&google_cver=1&google_push=AQvitUIF39A8EYqqKDzcKgenV54BbvSsuQNgN8qSubGmbyy6XND2ZjXsA0AZG1UAf8BbHAovm4wO4-RqOUtAo4E2J33GO5uR9QGL&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6Jbdn2o2Qsm5uzmDGVbkVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIF39A8EYqqKDzcKgenV54BbvSsuQNgN8qSubGmbyy6XND2ZjXsA0AZG1UAf8BbHAovm4wO4-RqOUtAo4E2J33GO5uR9QGL

Request Chain 108

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPRS_Y11xLnK0AdKKlC8QD0&google_cver=1&google_push=AQvitULADRollGuom9QF02dqHH1Sr5ZEEcUFS9APxstYOlk79Bdk3T3xMQlO6fZ337zQbwE0EKlZZh6z2qj486l0U7FYJSTCNGtY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1ItMU0tQ00wQg==&google_push=AQvitULADRollGuom9QF02dqHH1Sr5ZEEcUFS9APxstYOlk79Bdk3T3xMQlO6fZ337zQbwE0EKlZZh6z2qj486l0U7FYJSTCNGtY

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_cver=1&google_push=AQvitUI7eHMZzJOvIIcsdGjAeE3hGVQN3Z0Ha9ZUV7hsnV18uJxAJ9_RN5WboUhVXT22sCmrwikO12nN5o6-EAjGxyN2MYB3SpKh HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_push=AQvitUI7eHMZzJOvIIcsdGjAeE3hGVQN3Z0Ha9ZUV7hsnV18uJxAJ9_RN5WboUhVXT22sCmrwikO12nN5o6-EAjGxyN2MYB3SpKh&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_push=AQvitUI7eHMZzJOvIIcsdGjAeE3hGVQN3Z0Ha9ZUV7hsnV18uJxAJ9_RN5WboUhVXT22sCmrwikO12nN5o6-EAjGxyN2MYB3SpKh&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_cver=1

Request Chain 110

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJjx1NYTk785ZkDx-GJPSMw&google_cver=1&google_push=AQvitUIY_LUiqT4s8troSVFpzKAFjUXxK5C24iVoeatzc9a82YCVY2rVcJVe8nSQe-hao8tkqAd4KfEsnCiHiLD6ACYxZVgtp6y2LQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_LUiqT4s8troSVFpzKAFjUXxK5C24iVoeatzc9a82YCVY2rVcJVe8nSQe-hao8tkqAd4KfEsnCiHiLD6ACYxZVgtp6y2LQ&google_hm=

Request Chain 113

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUL4aZV3uR_4sc_DuhOtbrz9nQkcOfpPsOw-jL6_GxHCTgcPB8wSwft0HPN4rks_yBdGoGkNaHjo5LXTeo-PDfRVNQ5t_moO&google_gid=CAESENy5xbaTd0gbhSAIGeAvnGE&google_cver=1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=&google_push

Request Chain 114

https://rtb.openx.net/sync/dds?google_gid=CAESECt3mctWPLiT2ENfbS__hRo&google_cver=1&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECt3mctWPLiT2ENfbS__hRo&google_cver=1&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU&google_hm=WVKvvojFwXEFU052cRjv1A==

Request Chain 115

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDKzB0nBGn95SBguskh43Ik&google_cver=1&google_push=AQvitUK6HL-uM8nTAAddOlgEWT8eEnZrfVSlxoj2Nx5LkGq2NSgaXkd6HVPf_sDRxRqYROf2gZMnoGBYWMVrnbXEZ6d9wyDZ7dSM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDKzB0nBGn95SBguskh43Ik&google_cver=1&google_push=AQvitUK6HL-uM8nTAAddOlgEWT8eEnZrfVSlxoj2Nx5LkGq2NSgaXkd6HVPf_sDRxRqYROf2gZMnoGBYWMVrnbXEZ6d9wyDZ7dSM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK6HL-uM8nTAAddOlgEWT8eEnZrfVSlxoj2Nx5LkGq2NSgaXkd6HVPf_sDRxRqYROf2gZMnoGBYWMVrnbXEZ6d9wyDZ7dSM

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG3yZVe0aksFW6K8VZc_KSA&google_cver=1&google_push=AQvitULdTnAaMyb10eeL_oM04BhbT6UujrVIYTjnoOco-sPWVe2F88NYaYnDYfHniy3f3dpHVZPJs9QCaILvll5yE9CciqBzyqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1QtNS1FSEE0&google_push=AQvitULdTnAaMyb10eeL_oM04BhbT6UujrVIYTjnoOco-sPWVe2F88NYaYnDYfHniy3f3dpHVZPJs9QCaILvll5yE9CciqBzyqA

Request Chain 117

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELo-gP-kj40t628cSSIHLsg&google_cver=1&google_push=AQvitUJnOgpJXfIhoohfg5l_m7ZVtO9ZC7UBLMuN7PJxhKVMCWbmUyehHNtVfnWhvHmnSvjwgtasTdAbPJh55YKm_KsQZcdIsj2X HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELo-gP-kj40t628cSSIHLsg&google_push=AQvitUJnOgpJXfIhoohfg5l_m7ZVtO9ZC7UBLMuN7PJxhKVMCWbmUyehHNtVfnWhvHmnSvjwgtasTdAbPJh55YKm_KsQZcdIsj2X&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdJaeSlWU7X0-8U_5IQAAAsgAAAIB&google_push=AQvitUJnOgpJXfIhoohfg5l_m7ZVtO9ZC7UBLMuN7PJxhKVMCWbmUyehHNtVfnWhvHmnSvjwgtasTdAbPJh55YKm_KsQZcdIsj2X&google_cver=1&google_gid=CAESELo-gP-kj40t628cSSIHLsg

Request Chain 118

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECCelL67c-dpS6R57F4zLGQ&google_cver=1&google_push=AQvitUJYxsl6tyq1BRuDdZrWFhWNJ42ul8LpKvlfzKEqPDzWi-d_gGL3KpIMkBZ9W0DI9rCS23dsjLzNAYZAKvXmZpjPRPzzSWY2qw HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJYxsl6tyq1BRuDdZrWFhWNJ42ul8LpKvlfzKEqPDzWi-d_gGL3KpIMkBZ9W0DI9rCS23dsjLzNAYZAKvXmZpjPRPzzSWY2qw&google_hm=

Request Chain 141

https://mc.yandex.com/watch/27131102?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A446%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A547965224373%3Ahid%3A491213153%3Az%3A120%3Ai%3A20210413093828%3Aet%3A1618299509%3Ac%3A1%3Arn%3A26344211%3Au%3A1618299509426716044%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618299507717%3Ads%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C503%2C40%2C%2C%2C%2C677%3Adsn%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C505%2C40%2C%2C%2C%2C677%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618299509%3At%3AHi.ru HTTP 302
https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A446%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A547965224373%3Ahid%3A491213153%3Az%3A120%3Ai%3A20210413093828%3Aet%3A1618299509%3Ac%3A1%3Arn%3A26344211%3Au%3A1618299509426716044%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618299507717%3Ads%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C503%2C40%2C%2C%2C%2C677%3Adsn%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C505%2C40%2C%2C%2C%2C677%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618299509%3At%3AHi.ru

Request Chain 177

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 179

https://hal90003.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3834832077377830804%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_cid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%2526client%253Dca-pub-5798867249887033%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5798867249887033%26output%3Dhtml%26h%3D250%26slotname%3D8450970356%26adk%3D2494497118%26adf%3D1726048742%26pi%3Dt.ma~as.8450970356%26w%3D300%26lmt%3D1618299508%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fhi.ru%252F%253Fmd81%26flash%3D0%26wgl%3D1%26dt%3D1618299508349%26bpp%3D3%26bdt%3D459%26idt%3D242%26shv%3Dr20210407%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%252C728x90%252C300x250%252C300x250%252C300x250%252C300x250%26nras%3D1%26correlator%3D6871727324126%26frm%3D20%26pv%3D1%26ga_vid%3D723691177.1618299508%26ga_sid%3D1618299508%26ga_hid%3D1893615385%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1140%26ady%3D4652%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066434%252C44740079%26oid%3D3%26pvsid%3D217667731315329%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DZQiOoamB5Z%26p%3Dhttps%253A%2F%2Fhi.ru%26dtd%3D245&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fhi.ru&random=6553879725682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3834832077377830804%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_cid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%2526client%253Dca-pub-5798867249887033%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5798867249887033%26output%3Dhtml%26h%3D250%26slotname%3D8450970356%26adk%3D2494497118%26adf%3D1726048742%26pi%3Dt.ma~as.8450970356%26w%3D300%26lmt%3D1618299508%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fhi.ru%252F%253Fmd81%26flash%3D0%26wgl%3D1%26dt%3D1618299508349%26bpp%3D3%26bdt%3D459%26idt%3D242%26shv%3Dr20210407%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%252C728x90%252C300x250%252C300x250%252C300x250%252C300x250%26nras%3D1%26correlator%3D6871727324126%26frm%3D20%26pv%3D1%26ga_vid%3D723691177.1618299508%26ga_sid%3D1618299508%26ga_hid%3D1893615385%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1140%26ady%3D4652%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066434%252C44740079%26oid%3D3%26pvsid%3D217667731315329%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DZQiOoamB5Z%26p%3Dhttps%253A%2F%2Fhi.ru%26dtd%3D245&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fhi.ru&random=6553879725682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 189

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDry_mgERDeAhjeAjIIRR-0H9EDqZM HTTP 301
https://tpc.googlesyndication.com/simgad/18335929595331399552

Request Chain 204

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJT2Y5gPMOExfBeWvXPqi6A50KGsDNoG5eeKp5Gi4xIoeEbac_to-kMJyjwQHc1EoFHJ_ZYvSPJVOQ-pc8cUj57sDMxXQ&google_gid=CAESELvNA3WGytt8WICVaf31RZ8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJT2Y5gPMOExfBeWvXPqi6A50KGsDNoG5eeKp5Gi4xIoeEbac_to-kMJyjwQHc1EoFHJ_ZYvSPJVOQ-pc8cUj57sDMxXQ&google_gid=CAESELvNA3WGytt8WICVaf31RZ8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTMwNzM4MzA1NTE3NzcxMjY5Nzc3NQ%3D%3D&google_push=AQvitUJT2Y5gPMOExfBeWvXPqi6A50KGsDNoG5eeKp5Gi4xIoeEbac_to-kMJyjwQHc1EoFHJ_ZYvSPJVOQ-pc8cUj57sDMxXQ

Request Chain 206

https://rtb.openx.net/sync/dds?google_gid=CAESEL65wLSutWe2qvMUyE3vi9E&google_cver=1&google_push=AQvitUK-EsXCn2z6oMgvA6ndom1S6N_klEys75284rJdkrwdazdNAC3RA-HD5Bq0PE_n4R01sYg_KwIBHFhuItwFhfU-jpGvVS4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK-EsXCn2z6oMgvA6ndom1S6N_klEys75284rJdkrwdazdNAC3RA-HD5Bq0PE_n4R01sYg_KwIBHFhuItwFhfU-jpGvVS4&google_hm=WVKvvojFwXEFU052cRjv1A==

Request Chain 207

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDqsz-ERydS0npAvZYusiyA&google_cver=1&google_push=AQvitULDF1JeIUzg20xM0MyCIqcEtO4tTokSy0DLB0rSzRoFowsweWIePS-DFeVy_3WNBFudsqe6a9dydLTXXLcZcxMbT8sjJQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULDF1JeIUzg20xM0MyCIqcEtO4tTokSy0DLB0rSzRoFowsweWIePS-DFeVy_3WNBFudsqe6a9dydLTXXLcZcxMbT8sjJQ

Request Chain 208

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG-LgDNFS5GzioDU9PpAsh4&google_cver=1&google_push=AQvitULGvDeRJvPZwYHvWx2Vw44FdLEhHPxqDcbwt5R9mCTbfnoGn4wOHb5AXS4HSc99fVJEXOiBhD2Mz15FLb_Tp8eOAUQvcfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFUQjUtMjMtRVNMWQ==&google_push=AQvitULGvDeRJvPZwYHvWx2Vw44FdLEhHPxqDcbwt5R9mCTbfnoGn4wOHb5AXS4HSc99fVJEXOiBhD2Mz15FLb_Tp8eOAUQvcfQ

Request Chain 209

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKM4SIObzSPKFq7DcCQtQ2A&google_cver=1&google_push=AQvitUL25uaGk7iGnVFkyoIW5oQYHCRpq4gnDVOy4BNt3Yb7tmZTgf2WWQwXRM5WdIiHvygBg3ZI1fYyoxTHdDm4wUvFcqo26w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_gid=CAESEKM4SIObzSPKFq7DcCQtQ2A&google_cver=1&google_push=AQvitUL25uaGk7iGnVFkyoIW5oQYHCRpq4gnDVOy4BNt3Yb7tmZTgf2WWQwXRM5WdIiHvygBg3ZI1fYyoxTHdDm4wUvFcqo26w

259 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hi.ru/ 118 KB
29 KB 171ms
88ms Document
text/html 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 79613b9a17480739818efb9d0fe992a27610c69aaf3f44cfa9b5f76fa3624f0c

Request headers

:method: GET
:authority: hi.ru
:scheme: https
:path: /?md81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: Apache
cache-control: max-age=0
expires: Tue, 13 Apr 2021 07:38:27 GMT
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 8 KB
825 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 05:56:29 GMT
server: ESF
date: Tue, 13 Apr 2021 07:38:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 07:38:27 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
hi.ru/js/ 91 KB
32 KB 46ms
45ms Script
application/javascript 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/js/jquery-1.10.2.min.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:27 GMT
content-encoding: gzip
last-modified: Thu, 20 Nov 2014 15:26:10 GMT
server: nginx
etag: W/"546e0812-16bb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Tue, 13 Apr 2021 08:38:27 GMT

GET
H2 200 main.css
hi.ru/assets/ 92 KB
14 KB 44ms
44ms Stylesheet
text/css 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/main.css
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: eaf394f0cf1614e22d265d916398cc14562c0bfa73a6f90af26e068dd76e4dd2

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:27 GMT
content-encoding: gzip
last-modified: Thu, 18 May 2017 12:02:09 GMT
server: nginx
etag: W/"591d8d41-16e60"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
expires: Tue, 13 Apr 2021 08:38:27 GMT

GET
H2 200 widget.css
hi.ru/assets/ 2 KB
964 B 40ms
40ms Stylesheet
text/css 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/widget.css
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 390cdd2401b8a6d820152f5d1c9c0070833f95a983b81b988498bb14daf99c5f

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:27 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:07:58 GMT
server: nginx
etag: W/"5893595e-9d0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
expires: Tue, 13 Apr 2021 08:38:27 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 86ms
40ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:29 GMT
server: nginx
etag: W/"605322dd-1c9d1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 14 Apr 2021 07:38:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 131ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2e177830a5036b9aedc8dad8d69cd5dd4e9d0e72875d88b442b81b8088ee577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48396
x-xss-protection: 0
server: cafe
etag: 16994672417906242137
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H2 200 161829902350954.jpg
photoshosting.ru/ 6 KB
6 KB 174ms
82ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829902350954.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 2860bf5fe35d98f46c2213c71e5e48e9a7b36ed4c046e4ea0514215312b7ea55

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "18ed-5bfd59eddc050"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6381
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829902611682.jpg
photoshosting.ru/ 8 KB
8 KB 212ms
120ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829902611682.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: f6183b99b7826661f6b9a46df6edce6ca2359739a39b4f6e1a118be78d02bf81

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "1e5b-5bfd59eddc050"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7771
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829902858984.jpg
photoshosting.ru/ 6 KB
6 KB 173ms
81ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829902858984.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8867922c74beec3c4d6e2894e18cb7097ac78af8ddaceb1a0f85e567d1ebf45a

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "18d6-5bfd59edde760"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6358
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829903080650.jpg
photoshosting.ru/ 20 KB
20 KB 135ms
43ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829903080650.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 640f0f24a477a3b7077633839a4359793498ebd106a49ae229be3804440b103a

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "4e6e-5bfd59ede0e70"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 20078
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829903294440.jpg
photoshosting.ru/ 12 KB
12 KB 135ms
43ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829903294440.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 631a9f7ec1e7afa01c62a81323426c3621356d30ed6e141f3e481df1985ccffa

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "3014-5bfd59ede0e70"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12308
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829904096798.jpg
photoshosting.ru/ 8 KB
8 KB 211ms
120ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829904096798.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 406d95539f6fd88170d62412cd3899498f28728f629938d3085850155dea3b42

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "1ff9-5bfd59ede3580"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8185
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829904937691.jpg
photoshosting.ru/ 11 KB
11 KB 116ms
115ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829904937691.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: cf30c00af063e34b0441b5df118788d9a7eaefeb6673144ce9d28883332d0661

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "2b06-5bfd59ede5c90"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11014
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829905162878.jpg
photoshosting.ru/ 10 KB
10 KB 118ms
116ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829905162878.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: d255c5f4e04287d16ae7776e8ff8c6bd4316d829bfd639d212ad8c74fe2d9003

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "27be-5bfd59ede5c90"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10174
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829905413238.jpg
photoshosting.ru/ 14 KB
14 KB 116ms
115ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829905413238.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 56a71b039fee9ad1fb696c2741431841d92cc184fbd18f3ee0aca62caebb0754

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "377a-5bfd59ee169d3"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14202
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829905688955.jpg
photoshosting.ru/ 14 KB
14 KB 116ms
115ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829905688955.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 56a71b039fee9ad1fb696c2741431841d92cc184fbd18f3ee0aca62caebb0754

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "377a-5bfd59ee190e3"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14202
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829905655600.jpg
photoshosting.ru/ 31 KB
31 KB 117ms
115ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829905655600.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 057014ef0503a73be9492b2d2547cceee04790eaf0cc3d5a2bd4f4b8fa07a187

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "7af5-5bfd59ee1b7f3"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 31477
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829905826033.jpg
photoshosting.ru/ 23 KB
24 KB 117ms
115ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829905826033.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 201931dd146131958e4ee35c7639a951f9b5460ba5168ac5eaacba16e4dd1187

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "5d98-5bfd59ee1df03"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23960
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829906742744.jpg
photoshosting.ru/ 7 KB
7 KB 117ms
116ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829906742744.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 1830ebe18239dc37ae01fa87aa1b5f99f0f5e481ac78f65423047d0b4d99b262

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "1b6a-5bfd59ee20613"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7018
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829906978969.jpg
photoshosting.ru/ 8 KB
8 KB 118ms
116ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829906978969.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8812d0b63b87402b006168f60cc26043b993161c347829cb839ab449d1e80d13

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "209a-5bfd59ee22d23"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8346
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829907022138.jpg
photoshosting.ru/ 7 KB
7 KB 117ms
116ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829907022138.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: c80ce059499cfd0313ab1eba06eb886d1f37b94c059068aeb278adb262d3506d

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "1baa-5bfd59ee3b3c4"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7082
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829907337000.jpg
photoshosting.ru/ 9 KB
9 KB 117ms
116ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829907337000.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 8946d4f87f3c79a7ef438695bae478433c1fc176cb2a3d1a1ee167b3de6e3dac

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "2469-5bfd59eea1c69"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9321
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829907366701.jpg
photoshosting.ru/ 5 KB
5 KB 116ms
115ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829907366701.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: af87dd0a91f10cb6c35af0b4ecc86df4cdc772d73222cbf43e998a0ca6d9fb18

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "1429-5bfd59eea1c69"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5161
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829907544439.jpg
photoshosting.ru/ 4 KB
4 KB 118ms
116ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829907544439.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: edc3a0ad539531bd40ae350cbdd4770c95149d47c226aac2d415dc66fb17591f

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "10df-5bfd59eea4379"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4319
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829907514935.jpg
photoshosting.ru/ 4 KB
5 KB 118ms
117ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829907514935.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: c2fbe8d3fa0d0fc9e410f6e538e2fde3369b477bcfa1033abbb42eadd33705b0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "115e-5bfd59eea6a89"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4446
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829908188820.jpg
photoshosting.ru/ 10 KB
10 KB 118ms
117ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829908188820.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: b385bb4cce0962affa74f1f8ae9b44383cc0a413109613f430afe78a62c61caa

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:38 GMT
server: Apache
etag: "27a5-5bfd59eecb47a"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10149
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 green.png
hi.ru/images/ 1 KB
2 KB 43ms
40ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/images/green.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 41ab83e27acc60d34b77d7d6e5e65e3646d0b083f50f7fac1c8687a3f18d9a1d

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 20 Nov 2014 15:27:30 GMT
server: nginx
etag: "546e0862-55a"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1370
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 qdown.png
hi.ru/img/ 1 KB
1 KB 45ms
42ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/qdown.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1cfdb43297e916e2da546a244903e8eb3d0baf67620dda087399548c2e7afddf

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-404"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1028
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 qup.png
hi.ru/img/ 1023 B
1 KB 43ms
41ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/qup.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea0269a93ceb6cb9f7b0cda0b251de17323690136dec4f059109e6c6909a150f

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-3ff"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1023
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 s-vk.png
hi.ru/img/ 2 KB
2 KB 43ms
40ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-vk.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: dabba4011fb5c6cb64e46386a598022f8cdaaa6370c5d3e81e253585d9541b0d

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-66e"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1646
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 s-fb.png
hi.ru/img/ 1 KB
2 KB 47ms
44ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-fb.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1606c243d646bbbc486c09453274d8fcc058f4bc6d3d52b54350a38027750ea2

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-5e9"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1513
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 s-ok.png
hi.ru/img/ 2 KB
2 KB 45ms
43ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-ok.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8763c7cee404235584c03d712187e2aac4355da9b405f1fc406af91ae15e873a

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-6d6"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1750
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 s-tw.png
hi.ru/img/ 2 KB
2 KB 44ms
41ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s-tw.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e566ca5478f1ebc1d7c117362af3aca30b57cd0b988e4ce62c7039e1793c1409

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-636"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1590
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 vk.png
hi.ru/img/s/ 1 KB
1 KB 46ms
44ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/vk.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: d8738f1a40f1f64f8561fe5924e4fb9134be21eeaa73c7f0adae5df353294ec6

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-50d"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1293
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 fb.png
hi.ru/img/s/ 1 KB
1 KB 44ms
42ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/fb.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 704fb2fb51023c7f361e779a1448e30de7b2c347652e359aec3f71b1156abdc6

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-49f"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1183
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 ok.png
hi.ru/img/s/ 1 KB
2 KB 44ms
42ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/ok.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 64fedf0f1f511c637ed27216292fed7ff26dfa03c4215cf2d6a37344d03f6001

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-5ae"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1454
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 gp.png
hi.ru/img/s/ 1 KB
2 KB 45ms
43ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/gp.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: d5d8dc69aa87c483b4fe658a37d73a8492c874eabbac539b90f7101c4458ec4f

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-5b3"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1459
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 ma.png
hi.ru/img/s/ 2 KB
2 KB 46ms
44ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/ma.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6430a5609cdd61e8ec8b87c2f32a4b8010a93fca76e4737387673b788afd9a82

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-732"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1842
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 tw.png
hi.ru/img/s/ 1 KB
2 KB 45ms
43ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/s/tw.png
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e14245edb66438db8f4b062f463e708132f41762649ddb809dddb5c9f8eb9987

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:07 GMT
server: nginx
etag: "5893547b-59f"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1439
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 main.js Show response
hi.ru/assets/ 526 KB
118 KB 45ms
45ms Script
application/javascript 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/assets/main.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: bd49298c921b316356e1457a8ff2a9f19c0d069415e8a014f1d6ea6511000787

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2017 13:28:36 GMT
server: nginx
etag: W/"595b9804-836e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 452126
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14932
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.2562620619363605
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.2562620619363605

43 B
496 B

69ms
69ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.2562620619363605

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 12 Apr 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi.ru/%3Fmd81;0.2562620619363605
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 12 Apr 2020 21:00:00 GMT

GET
H2 200 WorldofWater.woff
hi.ru/fonts/ 18 KB
19 KB 40ms
39ms Font
application/font-woff 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/fonts/WorldofWater.woff
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b663358d262151aebf082f699b672c1c44e5e1ed122b6bcf03a461345d0673ae

Request headers

Origin: https://hi.ru
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:44:52 GMT
server: nginx
etag: "589353f4-4978"
content-type: application/font-woff
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18808
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 icomoon.ttf
hi.ru/fonts/ 6 KB
7 KB 45ms
44ms Font
application/octet-stream 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/fonts/icomoon.ttf?ize68d
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 6f9c80a5f214df00adb0ee7f714a44c3a472f52e7dbe66bf740eb4344b21c26f

Request headers

Origin: https://hi.ru
Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:44:52 GMT
server: Apache
etag: "197c-5478e0bcfc930"
cache-control: max-age=0
accept-ranges: bytes
content-length: 6524
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 164090
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 161829901312787.jpg
photoshosting.ru/ 65 KB
65 KB 118ms
117ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829901312787.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 31f5a77b32f50b602d32286ff14d8174928ed5d5683015dfecda009192749726

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "10385-5bfd59edd4b20"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 66437
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829901470432.jpg
photoshosting.ru/ 43 KB
43 KB 118ms
117ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829901470432.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: e29fbb7d12134eb316c72368b2dc1952f782fd31fb389d09e081e3210597c27b

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "aa42-5bfd59edd7230"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 43586
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829901980877.jpg
photoshosting.ru/ 66 KB
66 KB 118ms
117ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829901980877.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: b030a8960280e548a468c3fe2ab57d296f7c6bdbc3677ed82b04d9d56b869198

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:37 GMT
server: Apache
etag: "1089b-5bfd59edd9940"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 67739
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 calendar.png
hi.ru/img/ 1 KB
1 KB 45ms
44ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/calendar.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b0444809862b2227d687d9248c429aff81d18fd75a872fd7712e1402e2305f1c

Request headers

Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-468"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1128
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 nav.png
hi.ru/img/ 1 KB
2 KB 50ms
49ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/nav.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 26de7ddc151567db6158dbb2e730c21f7bdb291354b1a88a9e4123cb6ec455b0

Request headers

Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-54b"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1355
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:45 GMT
server: sffe
age: 452125
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:03 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 164090
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 01:57:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:24 GMT
server: sffe
age: 452473
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9400
x-xss-protection: 0
expires: Fri, 08 Apr 2022 01:57:15 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hi.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 452125
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9588
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:03 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/ 220 KB
83 KB 58ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5798867249887033&plah=hi.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

524ab8ce722fd84999ab057cfa8eba4cc8352b38873cb72bfce586bc9e07a5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84040
x-xss-protection: 0
server: cafe
etag: 6419256952387698069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H2 200 mail-box-arrow.png
hi.ru/img/ 1 KB
1 KB 40ms
40ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/img/mail-box-arrow.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3ed14ffcf48a4f46614b93bb468c59b4a04917a0997f3db67bf5aede6cd09ef2

Request headers

Referer: https://hi.ru/assets/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 15:47:06 GMT
server: nginx
etag: "5893547a-410"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1040
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210407/r20190131/ Frame A4A1 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210407/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210407/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Apr 2021 22:57:50 GMT
expires: Mon, 26 Apr 2021 22:57:50 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 31238
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK textad_async_v100.pack.js Show response
server.cpmstar.com/cached/js/ 3 KB
1 KB 435ms
108ms Script
application/javascript 198.24.170.50
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/cached/js/textad_async_v100.pack.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.50 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 056f9a9ab494185acd4e5ce566f47dab29b63f34f7240c6016c39f0b94863d0d

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Aug 2019 13:57:02 GMT
Server: Microsoft-IIS/10.0
ETag: "0be0283a49d51:0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1072

GET
H2 200 weather_sprite_36.png
hi.ru/images/weather/ 66 KB
67 KB 43ms
42ms Image
image/png 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/images/weather/weather_sprite_36.png
Requested by: Host: hi.ru
URL: https://hi.ru/assets/widget.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8d9b5eb29b4bde77d7ab2fce99c079aba5ee1099640271987ff9a10df97b06ca

Request headers

Referer: https://hi.ru/assets/widget.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Thu, 02 Feb 2017 16:09:05 GMT
server: nginx
etag: "589359a1-10913"
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
content-length: 67859
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 161829909088896.jpg
photoshosting.ru/ 19 KB
19 KB 113ms
113ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909088896.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 02f3c96b637e86e08096b57d5b8fe57819fe42782c7757985352ab34ab08713f

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:39 GMT
server: Apache
etag: "4bf1-5bfd59ef4cad0"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 19441
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909156177.jpg
photoshosting.ru/ 10 KB
10 KB 113ms
112ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909156177.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: b70fe08c29d1a0c0a04ff0b54669bfa0af2f1ff3e7a5ecf9374264b25deb3ceb

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:39 GMT
server: Apache
etag: "2806-5bfd59ef7b102"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10246
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909243003.jpg
photoshosting.ru/ 25 KB
25 KB 113ms
112ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909243003.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 75a94240b426b1146314d6fce78412340e3574d4096ca2ad258e9a64749a330a

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "6493-5bfd59eff5227"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25747
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909393141.jpg
photoshosting.ru/ 8 KB
8 KB 101ms
100ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909393141.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 832053361f1ef51957268ed756e07dbf3f646d2a6dbf63e6c7bd336d45c8bceb

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "2016-5bfd59eff7938"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8214
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909373986.jpg
photoshosting.ru/ 8 KB
8 KB 100ms
100ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909373986.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: cc0e005386f74b55c9f60b8446f835a7be5a7e1fab58d97f6fcdc2a93eccafd1

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "1e10-5bfd59effa048"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7696
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909424948.jpg
photoshosting.ru/ 7 KB
7 KB 99ms
99ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909424948.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 48586760351a662290f4a8dfeb60fa3e0660588f323d3e855ab57d0ef9a7f952

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "1a2b-5bfd59f0397ea"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6699
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909445278.jpg
photoshosting.ru/ 14 KB
15 KB 84ms
83ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909445278.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: bb10b5284a2385c6d0ad74dd0db63171c8f406a17b2bbd2330df6852d111ba17

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "3989-5bfd59f0397ea"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14729
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909576793.jpg
photoshosting.ru/ 10 KB
11 KB 85ms
85ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909576793.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: e74be3ff673b63f9947c36f05e9fe6071b8178c17d25199bb3722f82a94d8704

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "29c5-5bfd59f03befb"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10693
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 161829909657302.jpg
photoshosting.ru/ 13 KB
13 KB 84ms
84ms Image
image/jpeg 2a00:15f8:a000:5:1:14:7:1fd5
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photoshosting.ru/161829909657302.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:14:7:1fd5 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: fb778f3d4e1b9805dbee637f5a0a8627b7583c8657dd588633734ab07840a79e

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13 Apr 2021 07:31:40 GMT
server: Apache
etag: "33a1-5bfd59f03e60b"
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13217
expires: Wed, 14 Apr 2021 07:38:28 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
44 KB 133ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

553eb5bbd710f85a90e930f22e9c7dec5b9d5e28ff96b7129802b7fe894a4209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: br
last-modified: Mon, 12 Apr 2021 13:19:03 GMT
etag: "60705d6f-ad38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44344
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2

200

535503990
www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/535503990
https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/535503990

43 B
297 B

41ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/535503990
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*hi_ru/ru/UTF-8/tmsec=hi_total/535503990
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 96ms
31ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 14 Apr 2021 07:38:28 GMT

GET tv-xml2.php
tv.hi.ru/ 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 079C 0
150 B 45ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=hi.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=hi.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1466
date: Tue, 13 Apr 2021 07:38:28 GMT
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 195 B
635 B 190ms
66ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hi.ru&callback=_gfp_s_&client=ca-pub-5798867249887033

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5798867249887033&plah=hi.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ddea36e80cc4c0cee6cd607ba23921fc5540d1cdfd9f8f29eaed9fc6946f0f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB72 11 KB
1 KB 73ms
59ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1618299508&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&ea=0&flash=0&pra=5&wgl=1&dt=1618299508247&bpp=14&bdt=356&idt=196&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6871727324126&frm=20&pv=2&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d712e4cc8eadd6e88b55ba2005b9e0df7111ba17724cd3b51a3fdf8240b3a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&adk=293675617&adf=814277786&lmt=1618299508&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&ea=0&flash=0&pra=5&wgl=1&dt=1618299508247&bpp=14&bdt=356&idt=196&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6871727324126&frm=20&pv=2&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:28 GMT
server: cafe
content-length: 958
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 07:53:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:28 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988871915048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28262
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2147 105 KB
34 KB 544ms
543ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc55909145cc895ce9457fe5a92045c8db25bba712bf7880c018dfc5849d5eb8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COfG4brb-u8CFUnJuwgdsQEKkw&gqi=dEp1YOeEH82YgQfmuqKoCg&layout=/sadbundle/%24csp%253Der3%24/4633029431731172726/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COfG4brb-u8CFUnJuwgdsQEKkw&gqi=dEp1YOeEH82YgQfmuqKoCg&layout=/sadbundle/%24csp%253Der3%24/4633029431731172726/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:29 GMT
server: cafe
content-length: 33866
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 07:53:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C72 106 KB
28 KB 701ms
700ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1618299508&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508277&bpp=1&bdt=387&idt=229&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7N407FOJbX&p=https%3A//hi.ru&dtd=233

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae8cc0098f1eeb449dc71d0d32d378cb852dc681502b9e50dc52987e71577eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1618299508&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508277&bpp=1&bdt=387&idt=229&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7N407FOJbX&p=https%3A//hi.ru&dtd=233
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:29 GMT
server: cafe
content-length: 28782
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 07:53:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:29 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1435 62 KB
23 KB 521ms
521ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baba71484d8e255f5013a2eec6ce7a8a66ffe7dc994f877cbf203abbc4af182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:29 GMT
server: cafe
content-length: 23415
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 07:53:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:29 GMT
cache-control: private

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20651854&ns__t=1618299508523&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1618299508523&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=&cs_ak_ss=1

0
528 B

31ms
31ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1618299508523&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=&cs_ak_ss=1
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:28 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20651854&ns__t=1618299508523&ns_c=UTF-8&cv=3.5&c8=Hi.ru&c7=https%3A%2F%2Fhi.ru%2F%3Fmd81&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:28 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98DC 399 B
226 B 78ms
78ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508311&bpp=1&bdt=420&idt=216&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=Kg0rcOZBQa&p=https%3A//hi.ru&dtd=218

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8214cdc30a17ed55564d12d7809766d5500528444767a52156fde7485eac79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=3250614562&adk=3114078636&adf=1696407705&pi=t.ma~as.3250614562&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508311&bpp=1&bdt=420&idt=216&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=Kg0rcOZBQa&p=https%3A//hi.ru&dtd=218
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:28 GMT
server: cafe
content-length: 198
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 07:53:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:28 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 44ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 45ms
30ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.ru

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C78 13 KB
7 KB 100ms
100ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508313&bpp=11&bdt=422&idt=254&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kvZM4N4MLJ&p=https%3A//hi.ru&dtd=258

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d4f3401751ce5afee9a97eff2f25fb54740cd468f3b27eb8af6d335034c3ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508313&bpp=11&bdt=422&idt=254&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kvZM4N4MLJ&p=https%3A//hi.ru&dtd=258
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:28 GMT
server: cafe
content-length: 6650
x-xss-protection: 0
set-cookie: IDE=AHWqTUk_ePF1WJN0epfS5TkQazgSbfO17TYn67J9VeT0QC4bZxkyhQdB2hWkhzV9oTk; expires=Sun, 08-May-2022 07:38:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:28 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A3B 13 KB
7 KB 105ms
105ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c02cb53beae6a1bb1f3c231f48194b251abe87df332b64127f4fd9405a3fd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:28 GMT
server: cafe
content-length: 6662
x-xss-protection: 0
set-cookie: IDE=AHWqTUnlecLA5X0EK8F5KLj3UIBCG_e6bmghakkoi7n2KWoinJy3zOmc6uIUSPQbn0E; expires=Sun, 08-May-2022 07:38:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:28 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3811 17 KB
8 KB 168ms
168ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cf8dc40fae641e0538482962d917adf7034d6b56125bd44304b54047ffe1952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 07:38:28 GMT
server: cafe
content-length: 7827
x-xss-protection: 0
set-cookie: IDE=AHWqTUnMy-PaeszBi93FYKjocj6EQGOjJJlsHfPJgZMbYpoteTEyBcVFQv-jXnYbCpk; expires=Sun, 08-May-2022 07:38:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:28 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9242.PJXdWkgahDex6pM4fBh0XAv107OYmoDoV36C_ts5RHV8dEW3SeZsty8CB-Y4kyFN.jdOGPgQLaRqUizS2LQljd95-5p0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9242.heLehOAM7STWxV9gksbErSIXSI-5dw_f_cQ3zfQQ5MoVB93m5EA82aSNSPmPTfE6PtKY9R3Hgd2KGbRl-wdqdQ%2C%2C.xbXM9K2YrBnEQV-YPJB2FQTjvIE%2C

75 B
75 B

60ms
60ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9242.heLehOAM7STWxV9gksbErSIXSI-5dw_f_cQ3zfQQ5MoVB93m5EA82aSNSPmPTfE6PtKY9R3Hgd2KGbRl-wdqdQ%2C%2C.xbXM9K2YrBnEQV-YPJB2FQTjvIE%2C

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9242.heLehOAM7STWxV9gksbErSIXSI-5dw_f_cQ3zfQQ5MoVB93m5EA82aSNSPmPTfE6PtKY9R3Hgd2KGbRl-wdqdQ%2C%2C.xbXM9K2YrBnEQV-YPJB2FQTjvIE%2C
date: Tue, 13 Apr 2021 07:38:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Fri, 09 Apr 2021 13:58:07 GMT
etag: "60705d6f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Apr 2021 08:38:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 2C78 2 KB
1 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508313&bpp=11&bdt=422&idt=254&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kvZM4N4MLJ&p=https%3A//hi.ru&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:37:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C78 118 KB
36 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 2C78 13 KB
6 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:34:30 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C78 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNkQ8dEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEugFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3qE1Pq2n0YCRDSk3JeBa-GDbcuABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=MAperYmEOj4&tpd=AGWhJmsnVeAWFBsX4PKZXK86xIdEJUY5tjvfx_UurY0U_Pts-w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508313&bpp=11&bdt=422&idt=254&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kvZM4N4MLJ&p=https%3A//hi.ru&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 07:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2C78 0
0 29ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hmqqwrzgrjxbf1ah5y3ktbs619pbd7pen6ypy2jc4m8p7d56jqwyd73346cj4y236f6q827y9db1k21nnerq4cgywp388wf490cbqtw0n7zbh32qmvmrbhcfnwxmzktvw46jg7wzn38fycj4xjy4y3qzd40dtyec6xzmqq2ddj0szj7apz4gd7j3trqkpaqnpe44xfryx7zay17h20fq7n6bfadxt2k2znsanyf4y9e9kcyjk6qg9gt2tn55m371361zwmzxdtvv7fvvp862t0awah0y16j698cp9may0pjcj2m03bzn0q3v8prcwrfe3tbnpdg3c4n6bej4zwwkgnzqj542erqwc73hsfebys3cyw1scn00f2y7t542cwj82r76cnd&b=YHVKdAAJA10Iu-U8AA8NemIOezKtPS6UIyxZVA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1166618820&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508313&bpp=11&bdt=422&idt=254&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=2500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=kvZM4N4MLJ&p=https%3A//hi.ru&dtd=258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame A33C 2 KB
2 KB 34ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770be66ea01c6922743c6a5d0d5484a98b58bffad2acef8af3de10b3e277a633

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dadcecfac711e1b225619eec67a06bf431618299508; expires=Thu, 13-May-21 07:38:28 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-2tzg
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 096bc3efe800004dd69b23b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f308f97dd74dd6-FRA
content-encoding: br

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BDA9 1 KB
854 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Apr 2021 16:59:40 GMT
expires: Tue, 13 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 52728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 6A3B 2 KB
1 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:37:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A3B 118 KB
36 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 6A3B 13 KB
6 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:34:30 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A3B 0
0 19ms
16ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C11sDdEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwAFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH9TpnUBt20jHDQ6MBMNYm39jn2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=G-noXJpSnLo&tpd=AGWhJmvFnkLpUGw1--U6tUDkfUOxmd5kxcUx74hfvK6Wdm4PIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 07:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6A3B 0
0 20ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gr9jx7ykaya683z1jtm8xq5sz054gbm7hjpjs36cyq36f8rfbrfdqbvnkddjeq66p27efw2rv96rw4ygvkmpwe8aq2berxwnx2jx5d2hw9ykj08hqvzfmk17hcwat6cgyy0a2pk4y1d13zwby6mchb98t5c2s7cqt7rbq6ppa57t9z28mt4zvh9m5ndk9sj2y23qmeyrdtyb0hkhy4ktt5y8993e5p8y8b0t944e3vx7cpfe302gzvcd8fbg9x5ax1wd2rftkzphwsqa5z3wptvk3vz9a1spppkkb8pmkvy6tw7szzbq0e29pwftab5fxk975wtbkntwgzncd9n7wxqb0t1wz0mk7xxn7803q7285tr17951bp9ajp104k44qpxdq0c&b=YHVKdAAJOaQIu-SqAACif-yWSyqkbTWmsdrMUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame DEFB 2 KB
1 KB 28ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd0a39d0800c32aa31d6b4fdfb242118fb4c674352f9818c2d78ed371ebfedd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dadcecfac711e1b225619eec67a06bf431618299508; expires=Thu, 13-May-21 07:38:28 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-2tzg
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 096bc3efe800004dd6a7928000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f308f97dd94dd6-FRA
content-encoding: br

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 586E 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Apr 2021 16:59:40 GMT
expires: Tue, 13 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 52728
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame BDA9 35 B
462 B 30ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELvQKTvOSiWzGw-HubfH0Ok&google_cver=1&google_push=AQvitUKBRCkEQemDLlhLVJmWTSalBmJ1mzJ1e-oK--uH-H2Vxs2OZtq_NY14Mi3cEHEZZdj7Ed-9Ge_HXxQWALWRv7ZJthjjfXw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

1000.gif
id.rlcdn.com/ Frame BDA9
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKVsODIqeYjX3kwiC5krKAAdQJwtlnuZraQDT1ctpwz75oS4QMRrl8ZR476qPyC4y5tz-QHI-Sw56cqogJ86vp7p-Uj36zh&google_gid=CAESEIux3V0vR9jzQcYg3VwEeLg&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPSU1YMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLVnNPRElxZVlqWDNrd2lDNWtyS0FBZFFKd3RsbnVacmFRRFQxY3Rwd3o3NW9TNFFNUnJsOFpSNDc2cVB5QzR5NXR6LVFISS1TdzU2Y3FvZ0...

42 B
317 B

67ms
67ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPSU1YMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLVnNPRElxZVlqWDNrd2lDNWtyS0FBZFFKd3RsbnVacmFRRFQxY3Rwd3o3NW9TNFFNUnJsOFpSNDc2cVB5QzR5NXR6LVFISS1TdzU2Y3FvZ0o4NnZwN3AtVWozNnpo
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPSU1YMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLVnNPRElxZVlqWDNrd2lDNWtyS0FBZFFKd3RsbnVacmFRRFQxY3Rwd3o3NW9TNFFNUnJsOFpSNDc2cVB5QzR5NXR6LVFISS1TdzU2Y3FvZ0o4NnZwN3AtVWozNnpo
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BDA9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPtPdofn21G9MidTPLL80v0&google_cver=1&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88
https://rtb.openx.net/sync/dds?google_gid=CAESEPtPdofn21G9MidTPLL80v0&google_cver=1&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88&google_hm=WVKvvojFwXEFU052cRjv1A==

170 B
329 B

55ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88&google_hm=WVKvvojFwXEFU052cRjv1A==

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULITNuoyaqIZp-V6wHP48MzCM6vktBhn8gMsLGW0BAigp2eQRaoBVPYTo2zwCxwR_BPIUWCYrv1ztfUK-Vdc5j2zdQ0h88&google_hm=WVKvvojFwXEFU052cRjv1A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 6ih1is7e5io8kbpht9s7braanc8h3cam

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BDA9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6Jbdn2o2Qsm5uzmDGVbkVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

90ms
69ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6Jbdn2o2Qsm5uzmDGVbkVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIF39A8EYqqKDzcKgenV54BbvSsuQNgN8qSubGmbyy6XND2ZjXsA0AZG1UAf8BbHAovm4wO4-RqOUtAo4E2J33GO5uR9QGL

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6Jbdn2o2Qsm5uzmDGVbkVg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIF39A8EYqqKDzcKgenV54BbvSsuQNgN8qSubGmbyy6XND2ZjXsA0AZG1UAf8BbHAovm4wO4-RqOUtAo4E2J33GO5uR9QGL
Date: Tue, 13 Apr 2021 07:38:27 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BDA9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPRS_Y11xLnK0AdKKlC8QD0&google_cver=1&google_push=AQvitULADRollGuom9QF02dqHH1Sr5ZEEcUFS9APxstYOlk79Bdk3T3xMQlO6fZ337zQbwE0EKl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1ItMU0tQ00wQg==&google_push=AQvitULADRollGuom9QF02dqHH1Sr5ZEEcUFS9APxstYOlk79Bdk3T3xMQlO6fZ337zQbwE0EKlZZh6z2qj486l0U7FYJSTCNGtY

170 B
190 B

122ms
69ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1ItMU0tQ00wQg==&google_push=AQvitULADRollGuom9QF02dqHH1Sr5ZEEcUFS9APxstYOlk79Bdk3T3xMQlO6fZ337zQbwE0EKlZZh6z2qj486l0U7FYJSTCNGtY

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1ItMU0tQ00wQg==&google_push=AQvitULADRollGuom9QF02dqHH1Sr5ZEEcUFS9APxstYOlk79Bdk3T3xMQlO6fZ337zQbwE0EKlZZh6z2qj486l0U7FYJSTCNGtY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BDA9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_push=AQvitUI7eHMZzJOvIIcsdGjAeE3hGVQN3Z0Ha9ZUV7hsnV18uJxAJ9_RN5WboUhVXT22sCmrwikO12nN5o6-EAjGxy...

170 B
190 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_push=AQvitUI7eHMZzJOvIIcsdGjAeE3hGVQN3Z0Ha9ZUV7hsnV18uJxAJ9_RN5WboUhVXT22sCmrwikO12nN5o6-EAjGxyN2MYB3SpKh&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_cver=1

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_push=AQvitUI7eHMZzJOvIIcsdGjAeE3hGVQN3Z0Ha9ZUV7hsnV18uJxAJ9_RN5WboUhVXT22sCmrwikO12nN5o6-EAjGxyN2MYB3SpKh&google_gid=CAESEDpDO9R3h3f7jtAVwY_UH6o&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame BDA9
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJjx1NYTk785ZkDx-GJPSMw&google_cver=1&google_push=AQvitUIY_LUiqT4s8troSVFp...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_LUiqT4s8troSVFpzKAFjUXxK5C24iVoeatzc9a82YCVY2rVcJVe8nSQe-hao8tkqAd4KfEsnCiHiLD6ACYxZVgtp6y2LQ&google_hm=

170 B
190 B

95ms
72ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_LUiqT4s8troSVFpzKAFjUXxK5C24iVoeatzc9a82YCVY2rVcJVe8nSQe-hao8tkqAd4KfEsnCiHiLD6ACYxZVgtp6y2LQ&google_hm=

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIY_LUiqT4s8troSVFpzKAFjUXxK5C24iVoeatzc9a82YCVY2rVcJVe8nSQe-hao8tkqAd4KfEsnCiHiLD6ACYxZVgtp6y2LQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 12 Apr 2021 07:38:28 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BDA9 0
40 B 221ms
53ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JI1M9O7cLikwj1BPScH7ijcdAyHYjEmcY_A-qqhnuFxmARqujad96bopgKPLpc2fQOnEknHg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 586E 35 B
464 B 12ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOJr7pLDoVWDaa2IYFndvd4&google_cver=1&google_push=AQvitUKK5pNw7YDgZV0GVsF5CdMQMmvkEtvhJP51Gv7IaS9xqU6sRDxNBNph1o89KvVkqu4iJnqKMi5Q_lKLj3BWByUvVbLOe1hl

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 586E
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUL4aZV3uR_4sc_DuhOtbrz9nQkcOfpPsOw-jL6_GxHCTgcPB8wSwft0HPN4rks_yBdGoGkNaHjo5LXTeo-PDfRVNQ5t_moO&google_gid=CAESENy5xbaTd0gbhSAIGeAvnGE&goo...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=&google_push

170 B
190 B

115ms
75ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=&google_push

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 586E
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECt3mctWPLiT2ENfbS__hRo&google_cver=1&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU
https://rtb.openx.net/sync/dds?google_gid=CAESECt3mctWPLiT2ENfbS__hRo&google_cver=1&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU&google_hm=WVKvvojFwXEFU052cRjv1A==

170 B
232 B

56ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU&google_hm=WVKvvojFwXEFU052cRjv1A==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIOzjsm7jbDStwMelFuz8rh2VShifkvd3QCK3oSJehJE3R4Hg6czkkcGVkmmOvVDYKyNTeIe8cY_5Me3TR3qrA_dOoGVXcU&google_hm=WVKvvojFwXEFU052cRjv1A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 1phisqk0pf0q81lave4p7nlq6hcgv872

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 586E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
484 B

89ms
69ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK6HL-uM8nTAAddOlgEWT8eEnZrfVSlxoj2Nx5LkGq2NSgaXkd6HVPf_sDRxRqYROf2gZMnoGBYWMVrnbXEZ6d9wyDZ7dSM

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK6HL-uM8nTAAddOlgEWT8eEnZrfVSlxoj2Nx5LkGq2NSgaXkd6HVPf_sDRxRqYROf2gZMnoGBYWMVrnbXEZ6d9wyDZ7dSM
Date: Tue, 13 Apr 2021 07:38:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 586E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG3yZVe0aksFW6K8VZc_KSA&google_cver=1&google_push=AQvitULdTnAaMyb10eeL_oM04BhbT6UujrVIYTjnoOco-sPWVe2F88NYaYnDYfHniy3f3dpHVZP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1QtNS1FSEE0&google_push=AQvitULdTnAaMyb10eeL_oM04BhbT6UujrVIYTjnoOco-sPWVe2F88NYaYnDYfHniy3f3dpHVZPJs9QCaILvll5yE9CciqBzyqA

170 B
190 B

125ms
74ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1QtNS1FSEE0&google_push=AQvitULdTnAaMyb10eeL_oM04BhbT6UujrVIYTjnoOco-sPWVe2F88NYaYnDYfHniy3f3dpHVZPJs9QCaILvll5yE9CciqBzyqA

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFTT1QtNS1FSEE0&google_push=AQvitULdTnAaMyb10eeL_oM04BhbT6UujrVIYTjnoOco-sPWVe2F88NYaYnDYfHniy3f3dpHVZPJs9QCaILvll5yE9CciqBzyqA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 586E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELo-gP-kj40t628cSSIHLsg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELo-gP-kj40t628cSSIHLsg&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdJaeSlWU7X0-8U_5IQAAAsgAAAIB&google_push=AQvitUJnOgpJXfIhoohfg5l_m7ZVtO9ZC7UBLMuN7PJxhKVMCWbmUyehHNtVfnWhvHmnSvjwgtasTdAbPJh55YKm_K...

170 B
190 B

54ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdJaeSlWU7X0-8U_5IQAAAsgAAAIB&google_push=AQvitUJnOgpJXfIhoohfg5l_m7ZVtO9ZC7UBLMuN7PJxhKVMCWbmUyehHNtVfnWhvHmnSvjwgtasTdAbPJh55YKm_KsQZcdIsj2X&google_cver=1&google_gid=CAESELo-gP-kj40t628cSSIHLsg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdJaeSlWU7X0-8U_5IQAAAsgAAAIB&google_push=AQvitUJnOgpJXfIhoohfg5l_m7ZVtO9ZC7UBLMuN7PJxhKVMCWbmUyehHNtVfnWhvHmnSvjwgtasTdAbPJh55YKm_KsQZcdIsj2X&google_cver=1&google_gid=CAESELo-gP-kj40t628cSSIHLsg
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 586E
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECCelL67c-dpS6R57F4zLGQ&google_cver=1&google_push=AQvitUJYxsl6tyq1BRuDdZrW...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJYxsl6tyq1BRuDdZrWFhWNJ42ul8LpKvlfzKEqPDzWi-d_gGL3KpIMkBZ9W0DI9rCS23dsjLzNAYZAKvXmZpjPRPzzSWY2qw&google_hm=

170 B
190 B

92ms
71ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJYxsl6tyq1BRuDdZrWFhWNJ42ul8LpKvlfzKEqPDzWi-d_gGL3KpIMkBZ9W0DI9rCS23dsjLzNAYZAKvXmZpjPRPzzSWY2qw&google_hm=

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJYxsl6tyq1BRuDdZrWFhWNJ42ul8LpKvlfzKEqPDzWi-d_gGL3KpIMkBZ9W0DI9rCS23dsjLzNAYZAKvXmZpjPRPzzSWY2qw&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 12 Apr 2021 07:38:28 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 586E 0
236 B 203ms
53ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2ybtL5dweJg4zctlgy59AqoG6sVHCTr_6VaN6w7H1xboOkXhHnTQvSjNP3NRncGsRNQ43rw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=2268705386&adk=3281052817&adf=1388852403&pi=t.ma~as.2268705386&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508348&bpp=1&bdt=458&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=2PJr0Y2AyN&p=https%3A//hi.ru&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 8 KB
9 KB 117ms
114ms Script
application/javascript 198.24.170.50
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=74084&multi=4&json=nc_editorial&callback=this.cpmstar_dynamic_editorials.editorial_1.callback&rnd=450666
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/js/textad_async_v100.pack.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.50 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 91699591f75211187d34f4c9ffd5068b9a0a910a382079f29a488b661a9c643e

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:28 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame A33C 58 KB
58 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=hiljLg==, md5=+lvqF0TsKKKClDdg0n1GpA==
date: Tue, 13 Apr 2021 07:38:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2493921
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uwujar11Vkwh6U6n2MXFne7AWYJGqCzROZDlvajsE11nvMJCQziEfwndO5biOTHJ84pHc8ApwhyUSOSXqNIPW1AgPvCqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58969
cf-request-id: 096bc3f00600004dd681b90000000001
last-modified: Mon, 15 Mar 2021 10:52:33 GMT
server: cloudflare
etag: "fa5bea1744ec28a282943760d27d46a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KV6DlJG2VIexmo7zMoSICTpHu9BvQ7kbYj00hImIpkingH0get1uZNDIwI8PRzl6l3Dj9jeMUgCVrSRiNLpQstqQ64BDYuK2t%2BiM8yIygQ030s5Z"}]}
x-goog-generation: 1615805553645751
content-type: text/css
expires: Tue, 15 Mar 2022 10:53:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 63f308f9ae3b4dd6-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame A33C 53 KB
15 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684ff092700c7b5f8852994d1795a7246c204d0f97e64f1dc34a4a07d1dc4d82

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=0RPMmQ==, md5=Ohk2wK1I/f+nXoeuNDBp3g==
date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 40484
cf-polished: origSize=53797
x-guploader-uploadid: ABg5-UxU0fzbIYV3cROO_rTGW67rl4pxxqoGI_dV3c1A6jAx2ZK_9UpAwD17BnIAA7tlqjlI5zcEH4KhTSPQ74z6XcMq33qgrg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096bc3f00700004dd6f12da000000001
last-modified: Wed, 24 Mar 2021 20:23:06 GMT
server: cloudflare
etag: W/"3a1936c0ad48fdffa75e87ae343069de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2foLMrjIAkuYTZfsZMbx%2BosjgGijjxGuKuY5UwDNxN9xjZbAqMhpdc8IS6%2FsKhTtmXzCxXpYBO57OWF6qq3FUXMEeK%2F8PqjcsLMc4o5fWo4BI%2BEX"}]}
x-goog-generation: 1616617386640534
content-type: application/javascript; charset=utf-8
expires: Mon, 12 Apr 2021 20:23:44 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15196
cf-ray: 63f308f9ae3c4dd6-FRA
cf-bgj: minify

GET
H2 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame DEFB 58 KB
58 KB 14ms
14ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=hiljLg==, md5=+lvqF0TsKKKClDdg0n1GpA==
date: Tue, 13 Apr 2021 07:38:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2493921
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uwujar11Vkwh6U6n2MXFne7AWYJGqCzROZDlvajsE11nvMJCQziEfwndO5biOTHJ84pHc8ApwhyUSOSXqNIPW1AgPvCqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58969
cf-request-id: 096bc3f00700004dd6cd9a9000000001
last-modified: Mon, 15 Mar 2021 10:52:33 GMT
server: cloudflare
etag: "fa5bea1744ec28a282943760d27d46a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q0NJjlpI4mVU4KfwzIHzt%2BYOz3F18QCIsaYB2cmBpfVwyUym9RbOFwQygFB395UhM6w45v9E1mJUh8VhCNCe8L7ks9%2FP9%2BUTfc9WAM6Nk6JJQLb8"}]}
x-goog-generation: 1615805553645751
content-type: text/css
expires: Tue, 15 Mar 2022 10:53:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 63f308f9ae3d4dd6-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame DEFB 53 KB
15 KB 21ms
21ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684ff092700c7b5f8852994d1795a7246c204d0f97e64f1dc34a4a07d1dc4d82

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=0RPMmQ==, md5=Ohk2wK1I/f+nXoeuNDBp3g==
date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 40484
cf-polished: origSize=53797
x-guploader-uploadid: ABg5-UxU0fzbIYV3cROO_rTGW67rl4pxxqoGI_dV3c1A6jAx2ZK_9UpAwD17BnIAA7tlqjlI5zcEH4KhTSPQ74z6XcMq33qgrg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 096bc3f00800004dd6de987000000001
last-modified: Wed, 24 Mar 2021 20:23:06 GMT
server: cloudflare
etag: W/"3a1936c0ad48fdffa75e87ae343069de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yLsaFpAZXRcj%2Fo4c3OPy3NMUjXfU8PBKIo9diYd1hNklLa6dpAbZH91bzWVILQYmFo3%2BOxfrxpHyI%2FO9reLpS6rvisBnZFYVCO7ZB41%2FR9yY4B%2Bw"}]}
x-goog-generation: 1616617386640534
content-type: application/javascript; charset=utf-8
expires: Mon, 12 Apr 2021 20:23:44 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15196
cf-ray: 63f308f9ae3e4dd6-FRA
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 6A3B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 314f44af9bc600b5049e321d1bb6e0e71f03dcb438028e5cb8e655196273dc8c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2C78 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8385ba2fe70bedfc49e4d1ae4c45dae613166832166b9534e4ff3a736b69d109

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A33C 3 KB
4 KB 44ms
12ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1897
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-request-id: 096bc3f09600004abd74081000000001
last-modified: Thu, 08 May 2014 12:48:39 GMT
server: cloudflare
etag: "536b7d27-cbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3NwpeP8PWXVG%2FSYb%2BuUKn8Wb%2F5d5YW7CgxUv9p02AisM0ZAvw5DtrRWvw0XZ%2BqzeYKKChx4rHjJeIXrj7Wxd8qmBVT4XWTG5RTF8Mv1FV8SIzDSlbNEsFmq0Zneqa2gZiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 63f308fa8b414abd-FRA

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DEFB 3 KB
3 KB 42ms
12ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1897
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-request-id: 096bc3f09600004abd92ad7000000001
last-modified: Thu, 08 May 2014 12:48:39 GMT
server: cloudflare
etag: "536b7d27-cbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VZ4kK9q%2BCgqMknvdz7s%2FpLd1JNfygAv5wxpTiy1MRuC7dOZjXfkfGYJSNUHPr26yseKCm9SUZVKy8bw09KP%2FNWtI0esaB972NboH6xh%2BjnH%2B20m7vCTeCUbKqgBt4mIQ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 63f308fa8b424abd-FRA

GET
H2 200 frame.html Show response
ad4m.at/ Frame AD4D 2 KB
1 KB 14ms
13ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-type: text/html
set-cookie: __cfduid=ded5807c1fc29335f7ffb1adff0b6c4101618299508; expires=Thu, 13-May-21 07:38:28 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 13 Apr 2021 08:38:28 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2160239
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 096bc3f08c00004dd6d22a0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Je9vaguwB1P8iXA4nnOt4CQu5rfATaC%2BjvhzdA%2BzAImWl4jFGIi7xOdKUo4QQD9IoPBx7ZV%2F51b2CIi0Wr3lQg5YkQnazESjRBaXLgGMy%2FBVvIFq"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 63f308fa7ff84dd6-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4m.at/ Frame 330D 2 KB
1 KB 14ms
14ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-type: text/html
set-cookie: __cfduid=d6f60af18bc5db24a70ded607f152747c1618299508; expires=Thu, 13-May-21 07:38:28 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 13 Apr 2021 08:38:28 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2160239
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 096bc3f08c00004dd6b7b50000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8gUpttVxCdxGWYIsrtR3NpE2NOBZh0lu6UB2neqs11UDc2Gs9lBfa%2BMUBH2oVNk%2FIDjcHKfYzY0LJiepGn41iAW30hcH0YBo3s4bXmueJO7nfXQM"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 63f308fa7ffa4dd6-FRA
content-encoding: br

GET
H2 200 seafight_teaser_180x100_01_en.jpg
ssl.cdne.cpmstar.com/cached/creatives/1260399/ 7 KB
7 KB 235ms
29ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1260399/seafight_teaser_180x100_01_en.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F78E) /
Resource Hash: 8d3f5afdd66c0d2bf4a0259200348609ec8a6e99a226613cf3cda67dfe29e2b3

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
last-modified: Tue, 13 Apr 2021 05:06:10 GMT
server: ECAcc (ska/F78E)
age: 9139
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1260399_seafight_teaser_180x100_01_en.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 6779
expires: Wed, 14 Apr 2021 07:38:29 GMT

GET
H2 200 drakensang_banner_180x100_en.jpg
ssl.cdne.cpmstar.com/cached/creatives/1260398/ 7 KB
7 KB 232ms
26ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1260398/drakensang_banner_180x100_en.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F6E2) /
Resource Hash: 3c4372c49f49c047cfe84c12d2208f8d6021fb549f682628a9a596906b639834

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
last-modified: Tue, 13 Apr 2021 05:05:56 GMT
server: ECAcc (ska/F6E2)
age: 9153
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1260398_drakensang_banner_180x100_en.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 7326
expires: Wed, 14 Apr 2021 07:38:29 GMT

GET
H2 200 Eternal_Fury_Banner_05_180x100.jpg
ssl.cdne.cpmstar.com/cached/creatives/1234000/ 10 KB
11 KB 237ms
31ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1234000/Eternal_Fury_Banner_05_180x100.jpg
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ska/F6B7) /
Resource Hash: d09dedeba8fb4802437aeb27cd9148200f1ca17dd0c699bf7b85a0fd0ae97669

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
last-modified: Mon, 12 Apr 2021 10:26:28 GMT
server: ECAcc (ska/F6B7)
age: 76321
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1234000_Eternal_Fury_Banner_05_180x100.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 10737
expires: Wed, 14 Apr 2021 07:38:29 GMT

GET
H2 404 undefined
hi.ru/ 207 B
207 B 45ms
44ms Image
text/html 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.ru/undefined
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 42b206909b77ec3f74e3e407c55f1511d1f9beaa99af49a41edb4620b5553428

Request headers

Referer: https://hi.ru/?md81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C6E 0
0 18ms
16ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C77ZMdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMABT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgImBfwOJj4ieS35FJAaXU4S68gAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAbIXGAoWEhRwdWItNTc5ODg2NzI0OTg4NzAzMw&sigh=rVxUxN50YBo&tpd=AGWhJmsRk0XF7kqMSegsapIr_5v4uYu9ehk5jpfHcDfVp6qP8Ck03fOZCs6jzFwYtmwEOVsn8JluJvjRdNZZ4IQWgiWSK0ZjuvKe4JWVtQIUj-IXjY7SpdXRaZE5mgsxwnfumyvLGqgZca9YBfbgM0aNeZKWKDuGC4ut_Av34v3kqjOBN7kfRA379EUPyjTzRX_p1ZG18pmCS1TNhQ0u7b3FDgUZ_EW860rf7Dy9IFCeWr51vtlnKLYGmsnkr7JqBR82WdOOAWuuYxKzrIQwl8UM2rTGgoH6CDCuLMDOzcLRnMkEWNgcHSPTBfN63skGvwESIbDbqGf1oWTxarHNyBKURFDCW1nzTFSIwPkaVWHWwO61Da_KMcPEVQWd1HwDd7pifu6RIgvkANnI__vhWmKma4TbrSStpuZx_isJQaYYaYasVHCtmBAmgJdbMk2ECeGz_Qynwreq80AgEFa74SZ3ptuGR-tmzq-kvTTEafCcBeiX3qQHdaHewRSw0C-VKqvkwReHIhwH8nKa5SbXKf362uFDBckplsLoBCpRTqUA75kTTVfvsOx2NnInZtTd9hnJDhiFacaK00ZMllFQCjKafKU6daZ53Fg3Lty-CnelSgv7Hi152IuxPuwV8MfsDer2zugSevj6yAUK3f4Xv09BE1Y8A4jafYBAjMv8qANOAS8rSA9DMmljJ_pfomnl0IfPAS85BQPgxObAzB9olUNtEYIrREhT6zAvZS8EyoZfZxgalQDo7umvko5qIPpDz2ykKbSlQdAEDnHe8n-NbaZTb9IdwH_0g6g6AMdGcnKPNsiLZK0__RlOrgeuzWr3CFxUnQ34CzeLhc0KLIXFnks1awB8eRNFjSdZUu7Jci_tlYwhYgRqjNhSFO-D8uWXxegPemREyPArlVaOPgutjjpfJKRwa-hnV34VklMpkpQiOzu0QqAvl_wPgVbmh5J6G0HWnpPC0zdi1A4Exrh4Q-_B7uqEvEkl_iHgLWEWRBf9PL_-Z-8RQfykmAb_ZHZ1McG5kSADdkh3DgghapaCegT9LUXIcgI

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 07:38:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 1C6E 2 KB
2 KB 233ms
48ms Script
application/x-javascript 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpZek1UazBNMkV0WVRnNU1DMDNObUpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4MzQ4MzIwNzczNzc4MzA4MDQvNjYyMjMyNS80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5Ty1hek5Pem5XLTk2ZDdRaHh0TV9yby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODM0ODMyMDc3Mzc3ODMwODA0L2Ftcy8wLzM2Mi80MC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxODI5OTUwOC8xNjE4MzEyMTA4LzQvcHViLTU3OTg4NjcyNDk4ODcwMzMv/HrDBk9eh168zn3S6O071LNNWBo4&nodeid=2823&group=eu&auctionid=3834832077377830804&sid=4562306&cid=6622325&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%26client%3Dca-pub-5798867249887033%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: d244ca4e5f0e5315e1309132922e51d109dde6000e12aa026de1df69051522fa

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:28 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1618299508
Last-Modified: Tue, 13 Apr 2021 07:38:28 GMT
Server: MMBD/3.197.0
x-mm-latency: 19 (18)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x52, cdg-bidder-x172
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 13 Apr 2021 07:38:27 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1C6E 2 KB
1 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:37:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C6E 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1C6E 13 KB
6 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:34:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C6E 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6PSBvYaA6GgLvEt6miIFeMmDTYQP-J5cx4mIdI1-fX_SifB1NSYoE5TCuUnuGygeyNWyn5oPay8NBO_XQTCn-1cqGGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

1 Show response
mc.yandex.com/watch/27131102/
Redirect Chain

https://mc.yandex.com/watch/27131102?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A446%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A446%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

184 B
338 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A446%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A547965224373%3Ahid%3A491213153%3Az%3A120%3Ai%3A20210413093828%3Aet%3A1618299509%3Ac%3A1%3Arn%3A26344211%3Au%3A1618299509426716044%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618299507717%3Ads%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C503%2C40%2C%2C%2C%2C677%3Adsn%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C505%2C40%2C%2C%2C%2C677%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618299509%3At%3AHi.ru

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

621f0e445275dcb3fd0dd6e6230bfaad8e10f59c08ae0ebfc076808a7176b7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 13-Apr-2021 07:38:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Tue, 13-Apr-2021 07:38:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:28 GMT
last-modified: Tue, 13-Apr-2021 07:38:28 GMT
location: /watch/27131102/1?wmode=7&page-url=https%3A%2F%2Fhi.ru%2F%3Fmd81&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A446%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A547965224373%3Ahid%3A491213153%3Az%3A120%3Ai%3A20210413093828%3Aet%3A1618299509%3Ac%3A1%3Arn%3A26344211%3Au%3A1618299509426716044%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618299507717%3Ads%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C503%2C40%2C%2C%2C%2C677%3Adsn%3A1%2C81%2C88%2C1%2C0%2C0%2C%2C505%2C40%2C%2C%2C%2C677%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618299509%3At%3AHi.ru
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hi.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 13-Apr-2021 07:38:28 GMT

GET
H2 200 frame.html Show response
ad4mat.net/ Frame D64B 1 KB
921 B 16ms
13ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
content-type: text/html
set-cookie: __cfduid=d06aa254ab3e2405f7738a9b3c92ebeea1618299509; expires=Thu, 13-May-21 07:38:29 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 1911
cf-request-id: 096bc3f14a00004abdc6006000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z04a3CfUkkyvyaL2nF%2F3pXJlsWrkSf%2BCkRKVO5RS6D0mtooHlAWTX%2BeTUo9DScdJlJF1kOxevKa5%2BtgJwIsWSsFmQibsTBnAZpnaueGUJ0qAqNkOA8xq"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 63f308fbad184abd-FRA
content-encoding: br

GET
H2 200 frame.html Show response
ad4mat.net/ Frame ED1F 1 KB
1 KB 15ms
12ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
content-type: text/html
set-cookie: __cfduid=d06aa254ab3e2405f7738a9b3c92ebeea1618299509; expires=Thu, 13-May-21 07:38:29 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 1911
cf-request-id: 096bc3f14a00004abdbd242000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KNKeAXfXhMFJC9ys2cjWiTiVkXuTw%2FPIVCukl8lA%2BBErv7C96Z9mpH1b%2BdjCwGnUthN%2BJCBFVxkY4lOsMQN3sPvUCVubEiFDYjzXnXGWbX%2BNwrHlJ5Zi"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 63f308fbad1b4abd-FRA
content-encoding: br

GET
H3-Q050 200 5286763676304281139
tpc.googlesyndication.com/simgad/ Frame 1435 32 KB
32 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5286763676304281139?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm_1Ws0SPRHJs3ASHqqU-Ya2AaZAA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17defd12a8dbf98aeea4043b34398f7ab77beb8291a32265097a1e601189fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 22:34:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Aug 2018 16:18:04 GMT
server: sffe
age: 119057
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32770
x-xss-protection: 0
expires: Mon, 11 Apr 2022 22:34:12 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame 1435 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3769647970510480794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:36:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1435 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:37:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1435 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1435 13 KB
5 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:34:30 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1435 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 05:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10481
x-xss-protection: 0
server: cafe
etag: 6535096331343443408
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 05:37:46 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1435 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQxjZdEp1YJLmILvK7_UP4dqgkAfah9uOX8LQwZ6PCJaCzYWIFhABIOehgHpglQKgAf-wpKMDyAECqQJH8WToFQy3PqgDAcgDyQSqBMcBT9BbT2gshB-eLqZdKcaJtkZeI6V8fevMqKhItm3pPcYaaGCQskjcANRCX9_wzqvpyx3E78EeGKVHQUmn4Q1M_fZ-eqdJpe03vguddTY86hRAPGN7KnwqWknfCRju3XWVxC5cIYCbJQERR9Yl37pT_V7sEyV69cnsBZcZqSbh63YxZYcC50K9zP_aUnrvnOR7Nut6tEiPRy5mSum0eDWilfInPHwjz0oapdUy-1cVZv51t_iecB4nYHFd_PQb2BVCPUAsiz5phMAEnczogNYBkgUECAQYAZIFBAgFGASgBgKAB73XhCyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQppEM0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTU3OTg4NjcyNDk4ODcwMzM&sigh=eI1U_MKN9GI&tpd=AGWhJmttAWAAG9OE3P7_Z6cJ7RHWcFvSugjmmhUXPW_OQ7B6nw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 07:38:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 79 KB
19 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a347090d8eb4a6572a9d88d6d876b2bdba5fe5d8bc1bb592fa23f724b9f029f6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4633029431731172726/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 09 Apr 2021 10:02:14 GMT
expires: Sat, 09 Apr 2022 10:02:14 GMT
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 18011
age: 336975
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame BCA0 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClfMedEp1YOe8H8mS7_UPsYOomAmZpbaOYpepx-v7DOzDtauuARABIOehgHpglQKgAeawvb8DyAEJqQLQlJ9nn_azPqgDAcgDSKoExgFP0PEOkREbY-rFkgEhZ6ZWuh9PW89D4izwGt3Sy5SuL_YDcKXDxGyJR0uvC3eimWXi7nYZ73gpX9S7oB9zwR_fScWM8yKXHdcCL53JPwI4RJCsMY0kanl1jkSaQJMDvs3kK2QrZNGFn8H4R2FybAL-PW2zAWmNLg3Zv8-8_r13t5StXlxA1bGyYkKeas1RRbWIqsmJcYf937HaERPdqdJXxoKvPxCC_Z4zhrZs7hSfILUSc8OCw37QKWLJhNIBANfq7nSD127ABKner8TBA5IFBAgEGAGSBQQIBRgEoAYugAeCz8JAqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELGuB9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=AYNBkD4Ouxs&template_id=419&tpd=AGWhJmtoKe869PebReBeJiMLWMXUiwjw5zLuXL7X0PTw_5ryog

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 07:38:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame BCA0 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3769647970510480794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:36:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame BCA0 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:37:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCA0 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame BCA0 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:34:30 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2B4 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnMy-PaeszBi93FYKjocj6EQGOjJJlsHfPJgZMbYpoteTEyBcVFQv-jXnYbCpk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=9025685422&adk=4038436&adf=2406252406&pi=t.ma~as.9025685422&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508278&bpp=1&bdt=387&idt=237&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=8adGg5S7iK&p=https%3A//hi.ru&dtd=241

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 13 Apr 2021 07:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1435 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54ae918be32acf5904e7c28112a5a3df0f4233c068c60ed205fd9b9373a35815

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK xxvlvujily3i Show response
hal9000.redintelligence.net/zone/ Frame 1C6E 10 KB
3 KB 106ms
33ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/xxvlvujily3i?subid=&rnd=3834832077377830804&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3834832077377830804%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_cid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%2526client%253Dca-pub-5798867249887033%2526adurl%253D%26redirect%3D
Requested by: Host: hi.ru
URL: https://hi.ru/?md81
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 351d45d7ce9ed6a6da006a60d31b77981079dd882e8b01afbe5cabcac606665d

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3355
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 1C6E 49 B
330 B 87ms
30ms Image
image/gif 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=3834832077377830804&node_id=2823&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpZek1UazBNMkV0WVRnNU1DMDNObUpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4MzQ4MzIwNzczNzc4MzA4MDQvNjYyMjMyNS80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5Ty1hek5Pem5XLTk2ZDdRaHh0TV9yby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODM0ODMyMDc3Mzc3ODMwODA0L2Ftcy8wLzM2Mi80MC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxODI5OTUwOC8xNjE4MzEyMTA4LzQvcHViLTU3OTg4NjcyNDk4ODcwMzMv/HrDBk9eh168zn3S6O071LNNWBo4&nodeid=2823&group=eu&auctionid=3834832077377830804&sid=4562306&cid=6622325&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:28 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x53, cdg-bidder-x172
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 13 Apr 2021 07:38:27 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 1C6E 43 B
360 B 114ms
48ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3834832077377830804&v3=651871&v4=4562306&v5=6622325&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpZek1UazBNMkV0WVRnNU1DMDNObUpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4MzQ4MzIwNzczNzc4MzA4MDQvNjYyMjMyNS80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5Ty1hek5Pem5XLTk2ZDdRaHh0TV9yby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODM0ODMyMDc3Mzc3ODMwODA0L2Ftcy8wLzM2Mi80MC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxODI5OTUwOC8xNjE4MzEyMTA4LzQvcHViLTU3OTg4NjcyNDk4ODcwMzMv/HrDBk9eh168zn3S6O071LNNWBo4&nodeid=2823&group=eu&auctionid=3834832077377830804&sid=4562306&cid=6622325&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3660 495c301 master zrh-pixel-x13 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: MT3 3660 495c301 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 13 Apr 2021 07:38:28 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 1C6E 49 B
330 B 89ms
31ms Image
image/gif 185.29.135.190
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3834832077377830804&st=4562306&time=1618299509&nodeid=2823
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTnpZek1UazBNMkV0WVRnNU1DMDNObUpqTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM4MzQ4MzIwNzczNzc4MzA4MDQvNjYyMjMyNS80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5Ty1hek5Pem5XLTk2ZDdRaHh0TV9yby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zODM0ODMyMDc3Mzc3ODMwODA0L2Ftcy8wLzM2Mi80MC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYxODI5OTUwOC8xNjE4MzEyMTA4LzQvcHViLTU3OTg4NjcyNDk4ODcwMzMv/HrDBk9eh168zn3S6O071LNNWBo4&nodeid=2823&group=eu&auctionid=3834832077377830804&sid=4562306&cid=6622325&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.25&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%26client%3Dca-pub-5798867249887033%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.190 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.197.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:28 GMT
Server: MMBD/3.197.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x50, cdg-bidder-x172
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 13 Apr 2021 07:38:27 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FA3 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnMy-PaeszBi93FYKjocj6EQGOjJJlsHfPJgZMbYpoteTEyBcVFQv-jXnYbCpk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=9888669945&adk=4009741209&adf=146988736&pi=t.ma~as.9888669945&w=970&lmt=1618299508&psa=0&format=970x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508262&bpp=15&bdt=371&idt=232&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=346&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B0S8bW8pYO&p=https%3A//hi.ru&dtd=236

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 13 Apr 2021 07:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 904
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BCA0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c834162ee91bbe5baf82f5e7c44b608cd1f5a432f9fe25a2d0aa8386f3ccf08f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C7BE 16 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 01:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 14 Apr 2021 01:08:59 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C7BE 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Apr 2021 18:54:37 GMT

GET
H2 200 31b4ea2bd2a51d39610fc8aa214e4119.js Show response
www.gstatic.com/mysidia/ Frame 5C72 6 KB
3 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/31b4ea2bd2a51d39610fc8aa214e4119.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1618299508&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508277&bpp=1&bdt=387&idt=229&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7N407FOJbX&p=https%3A//hi.ru&dtd=233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 02:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 365211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Thu, 08 Jul 2021 02:11:38 GMT

GET
H2 200 099008b8d5d5347913645b07fc749d45.js Show response
www.gstatic.com/mysidia/ Frame 5C72 6 KB
3 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/099008b8d5d5347913645b07fc749d45.js?tag=gpa/maximal_v1_och_tag

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0918d3ae6fcc311deeeb0b5a6f56f0ba635c5c5cd54d3a96515d06b21c18df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 02:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 362637
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2674
x-xss-protection: 0
expires: Thu, 08 Jul 2021 02:54:32 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 5C72 2 KB
730 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 07:18:35 GMT
server: ESF
date: Tue, 13 Apr 2021 07:38:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H2 200 e91d763233dfa13a1924fbe91cfd4845.js Show response
www.gstatic.com/mysidia/ Frame 5C72 8 KB
4 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e91d763233dfa13a1924fbe91cfd4845.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedddb3e8da114412602440e01aa8122a149527f3f30859c276f5efa31ecb7e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 06:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 08:45:50 GMT
server: sffe
age: 435171
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
expires: Wed, 07 Jul 2021 06:45:38 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 5C72 1 KB
979 B 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:36:26 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame 5C72 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 3769647970510480794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:36:47 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 5C72 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:37:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C72 118 KB
36 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 5C72 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 07:34:30 GMT

GET
H3-Q050 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 5C72 25 KB
11 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 367344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 08 Jul 2021 01:36:05 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2B4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnMy-PaeszBi93FYKjocj6EQGOjJJlsHfPJgZMbYpoteTEyBcVFQv-jXnYbCpk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 07:38:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 13-Apr-2021 08:38:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 07:38:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 58E5 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 56696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Tue, 12 Apr 2022 15:53:33 GMT

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 1C6E
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
932 B

165ms
101ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3834832077377830804%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_cid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%2526client%253Dca-pub-5798867249887033%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5798867249887033%26output%3Dhtml%26h%3D250%26slotname%3D8450970356%26adk%3D2494497118%26adf%3D1726048742%26pi%3Dt.ma~as.8450970356%26w%3D300%26lmt%3D1618299508%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fhi.ru%252F%253Fmd81%26flash%3D0%26wgl%3D1%26dt%3D1618299508349%26bpp%3D3%26bdt%3D459%26idt%3D242%26shv%3Dr20210407%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%252C728x90%252C300x250%252C300x250%252C300x250%252C300x250%26nras%3D1%26correlator%3D6871727324126%26frm%3D20%26pv%3D1%26ga_vid%3D723691177.1618299508%26ga_sid%3D1618299508%26ga_hid%3D1893615385%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1140%26ady%3D4652%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066434%252C44740079%26oid%3D3%26pvsid%3D217667731315329%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DZQiOoamB5Z%26p%3Dhttps%253A%2F%2Fhi.ru%26dtd%3D245&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fhi.ru&random=6553879725682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0953f7b2cdb1844e5f89b74fabb39a7d9e37817dd0b680ea2bc70982c12a1ba0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 26145600051394800951399011563003
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 326
Expires: Tue, 13 Apr 2021 08:38:29 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3834832077377830804%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_cid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%2526client%253Dca-pub-5798867249887033%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5798867249887033%26output%3Dhtml%26h%3D250%26slotname%3D8450970356%26adk%3D2494497118%26adf%3D1726048742%26pi%3Dt.ma~as.8450970356%26w%3D300%26lmt%3D1618299508%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fhi.ru%252F%253Fmd81%26flash%3D0%26wgl%3D1%26dt%3D1618299508349%26bpp%3D3%26bdt%3D459%26idt%3D242%26shv%3Dr20210407%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%252C728x90%252C300x250%252C300x250%252C300x250%252C300x250%26nras%3D1%26correlator%3D6871727324126%26frm%3D20%26pv%3D1%26ga_vid%3D723691177.1618299508%26ga_sid%3D1618299508%26ga_hid%3D1893615385%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1140%26ady%3D4652%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066434%252C44740079%26oid%3D3%26pvsid%3D217667731315329%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DZQiOoamB5Z%26p%3Dhttps%253A%2F%2Fhi.ru%26dtd%3D245&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fhi.ru&random=6553879725682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 13 Apr 2021 08:38:29 +0200

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FA3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

39ms
38ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnMy-PaeszBi93FYKjocj6EQGOjJJlsHfPJgZMbYpoteTEyBcVFQv-jXnYbCpk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 07:38:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 13-Apr-2021 08:38:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 07:38:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 07:38:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame C7BE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 56696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Tue, 12 Apr 2022 15:53:33 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5C72 17 KB
17 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTyAEcBUt7DbZQkhll-QEVD7O2U_gkP4vj48DpzIkWIJ_A4XkwHCeeFd8GAfIA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0f16d410a81a8c71a8ce8344d56a24f83d8124d3da81401c03e46bc1640c031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:21:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:10:15 GMT
server: sffe
age: 447429
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16924
x-xss-protection: 0
expires: Fri, 08 Apr 2022 03:21:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5C72 25 KB
25 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRcr4Sy2rosxlyMY2PawvpbdvsuHQYTl4djWsQTYBKVcKPTptGKbNrzLndFxlc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9191ffc3e86d732ee8fbdd5ccc58a0626b0a3af1bb95b6d49db4565f4c725406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:02:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 14 Feb 2021 11:29:07 GMT
server: sffe
age: 336971
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25307
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:02:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5C72 39 KB
39 KB 33ms
12ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRMgpTRgK-Y2Vj28bh2W6Zyv9bIzmGF5CPMZ-GFeF7XTnFurOeV&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab9515d47f51736922c97938a571cbcbafd98454a7fe76355b2d8865c869158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:06:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 23:25:25 GMT
server: sffe
age: 336694
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39550
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:06:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5C72 13 KB
13 KB 38ms
18ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRU0iIGvzQb5gmeV9ljHrDkecgRkCCPr0M_V0aEijUc2BGnt2g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590e6d7e14b573c23cbc122b454c02b3cad004ddbc0e9ba475f23b3b9c557439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:55:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 10:08:23 GMT
server: sffe
age: 445409
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
expires: Fri, 08 Apr 2022 03:55:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5C72 9 KB
9 KB 32ms
11ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQUEOPpvq6LBAsCanU6jw9vQkY-p5mOmhOpU-290gLDykzWidIvKXroO7PYE9s&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bf5864880db34425cacbc40063553c0fc4fafcc34536e9ac6cfe7befbd77261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:21:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 23 Jan 2021 06:17:39 GMT
server: sffe
age: 447429
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9001
x-xss-protection: 0
expires: Fri, 08 Apr 2022 03:21:20 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5C72 7 KB
7 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSARfG7iVVWrKYFR8DTYL4hS8p40RVUHmVrk-_qBAJHrx1IfPKKNwwVzaQ1X98&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7914c9fcb8ce1be779b79aaaa9f1e096694585dd0f29995e2888de55871e35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 11:49:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 23:10:23 GMT
server: sffe
age: 157726
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6741
x-xss-protection: 0
expires: Mon, 11 Apr 2022 11:49:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5C72 17 KB
17 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQjxjCYlTUWljCPRbm2FnyyW67S7bMh7HN7zA9z3byQsVBHXmcLZOTlZGHpJz4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3940a5b825ca2173c8c40ee6032fff392d3932c9fedf32c38189bddab06fade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:05:57 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Feb 2021 14:16:24 GMT
server: sffe
age: 336752
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16901
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:05:57 GMT

GET
H3-Q050

200

18335929595331399552
tpc.googlesyndication.com/simgad/ Frame 5C72
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDry_mgERDeAhjeAjIIRR-0H9EDqZM
https://tpc.googlesyndication.com/simgad/18335929595331399552

25 KB
25 KB

10ms
7ms

Image
image/png

2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18335929595331399552

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61bfda2aaf3199f37253574926acafaf86a44979d3f2cdee0f29d8ac5698dc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:11:50 GMT
x-content-type-options: nosniff
age: 451599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25198
x-xss-protection: 0
last-modified: Thu, 16 Aug 2018 14:55:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:11:50 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 12 Apr 2021 15:45:44 GMT
x-content-type-options: nosniff
server: cafe
age: 57165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/18335929595331399552
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 May 2021 15:45:44 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C72 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cvy0WdEp1YMGrIMXD7_UP1ceK8APVnNDHYa3NzfXsCsqH1PXlDRABIOehgHpglQKgAcfzopoDyAEJqQLQlJ9nn_azPqgDAcgDywSqBMEBT9CSInrD3HkBS8tf9Yc4LVXZD4dJfdCWPms2_6BXf9zDYZsuEo3-JW3G9sSgaE_Nk8J3duudyXR5hq_vrRyRN8C4HNfvUzhRLL2JGCzJoLgPOInXY3OOHETfIbsOxfy_IWOYq1k4nmC2-DiMvtZOzLqkLSocg92HcKlETRBX7Gc6FFiBgo_fEeuAnj5sHEJ7zF8NajKu_T9zsYWnwZVTHl_dEvQdSYqsNDu2Tg5N7Yp00SXkch9-cYbpeuHKpshwicAEn7S_o8ECkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6GM3WWoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOiFA9IICQiA4YAQEAEYH4AKAcgLAdgTC4gUArIXGgoYCAASFHB1Yi01Nzk4ODY3MjQ5ODg3MDMz&sigh=ZbjW19nac_E&template_id=494&tpd=AGWhJmvn4UxAnyR-Y86wZsTEy_kO74s0FUw_eYPPcTKnt_dVLw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=90&slotname=4824045521&adk=3361842836&adf=2740756486&pi=t.ma~as.4824045521&w=728&lmt=1618299508&psa=0&format=728x90&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508277&bpp=1&bdt=387&idt=229&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=361&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7N407FOJbX&p=https%3A//hi.ru&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 07:38:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Element_12.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 13 KB
5 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/Element_12.svg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b57a900a7570cd4fc3f006c7eba27d18b1e27e402e0d309e678b0d75d24075d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 191492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3763
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Sun, 11 Apr 2021 02:26:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 02:26:57 GMT

GET
H3-Q050 200 Element_10.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 3 KB
1 KB 12ms
10ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/Element_10.svg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f302ec3836fa1926654519d57e97f113fcd1b5915eee786fa8713b6ed0f9499d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 191492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Sun, 11 Apr 2021 02:26:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 02:26:57 GMT

GET
H3-Q050 200 Element_4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 244 B
226 B 11ms
9ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/Element_4.svg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97dcf08320a7d374e45f3c5c670be5db8e70579cccb452c14070b93f1c557195

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 191492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Sun, 11 Apr 2021 02:26:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 02:26:57 GMT

GET
H3-Q050 200 Element_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 2 KB
869 B 10ms
8ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/Element_3.svg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea426f090eddf03e65a6287915fac51a6eca6e0d1f58879591c203fc43c2f97f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 451977
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 08 Apr 2021 02:05:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:05:32 GMT

GET
H3-Q050 200 Element_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 452 B
292 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/Element_2.svg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75aafcfbcc756aac5901316036889ec372828731cc76015b5645677e7a88df6e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 191492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Sun, 11 Apr 2021 02:26:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Apr 2022 02:26:57 GMT

GET
H3-Q050 200 Element_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/ Frame C7BE 9 KB
2 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4633029431731172726/Element_1.svg

Requested by

Host: hi.ru
URL: https://hi.ru/?md81

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d29468ae56ad0dc7cebc4ea02f0e87a0654a04eff47148faa495afa8d84d3e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 451976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2364
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 11:48:38 GMT
server: sffe
date: Thu, 08 Apr 2021 02:05:33 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:05:33 GMT

GET
DATA 200
OK truncated
/ Frame 5C72 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e29f0b92ea06db998c798904755014ae8d388e9d41e8b8d293be50538af193a8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 5C72 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 164091
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 03F9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 56696
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Tue, 12 Apr 2022 15:53:33 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame F63A 3 KB
2 KB 98ms
33ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=26145600051394800951399011563003&a=3f6a5775
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=xxvlvujily3i&nw=20&renderingType=javascript&namespace=ccc0dff178&subid=&uid=9b7dc99a3d144c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3834832077377830804%26mt_id%3D6622325%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_cid%3Df7d76075-4a75-4c01-aa3b-13819cc4c6d7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCf6qYdEp1YKezJffW7_UPt7mV4AzPh46bXMCG2YLGAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzPIAQmoAwGqBMMBT9A523As5ozTe8CqxOoJ_sDBu0ue91uAmTDtVJ6YVtHdZ-EatHTsY5MNIWl-3rHXK9l2wkM6TwXITUjdNh7KvcujVHlNmwXYFO3E8i2Wr5NuimQk5BxeLbmQF5EJp5DPCtQMFxxn0kFy34HQMeoypaF8y8DP6kDPeNqaClgUAGhc4nBg3nN9j8OTiyOav6g9fnQ_jNqcj9LDwsuwgRT6V7oDQ5KSD2NmGMjH8aBgYGJSUk7zRiAfe9ni2eV7ETOox8ZCgAa_zMTOmvnjl4ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_3Nr6g9JGylDedQZl1FSQ9A-DHeFA%2526client%253Dca-pub-5798867249887033%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5798867249887033%26output%3Dhtml%26h%3D250%26slotname%3D8450970356%26adk%3D2494497118%26adf%3D1726048742%26pi%3Dt.ma~as.8450970356%26w%3D300%26lmt%3D1618299508%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fhi.ru%252F%253Fmd81%26flash%3D0%26wgl%3D1%26dt%3D1618299508349%26bpp%3D3%26bdt%3D459%26idt%3D242%26shv%3Dr20210407%26cbv%3Dr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C970x90%252C728x90%252C300x250%252C300x250%252C300x250%252C300x250%26nras%3D1%26correlator%3D6871727324126%26frm%3D20%26pv%3D1%26ga_vid%3D723691177.1618299508%26ga_sid%3D1618299508%26ga_hid%3D1893615385%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1140%26ady%3D4652%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066434%252C44740079%26oid%3D3%26pvsid%3D217667731315329%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3DZQiOoamB5Z%26p%3Dhttps%253A%2F%2Fhi.ru%26dtd%3D245&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fhi.ru&random=6553879725682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ed809f313c4dee441112fe183958c13a52c1b61af9556922eba2ec6fc6ba700d

Request headers

Host: hal90003.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=bc1cc6b234d137a4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 13 Apr 2021 08:38:29 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1218
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 68B1 1 KB
755 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Apr 2021 16:59:40 GMT
expires: Tue, 13 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 52729
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1C6E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e4b632fb70236322963e2d235e71719e032ea9222472cc79fc127246e41521b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 68B1 35 B
210 B 11ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFUzAlXpUXyg3d-5MWm2VDA&google_cver=1&google_push=AQvitUIujvhBoEFzdjqDl4EDYjgE_BAoe7GjO1QExLyvNjxGjPwil_RwkxHWWsTqcTYPYeTlfQdFSXXeLbDjFB6B2gwog2v9Bg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 68B1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJT2Y5g...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJT2Y5g...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTMwNzM4MzA1NTE3NzcxMjY5Nzc3NQ%3D%3D&google_push=AQvitUJT2Y5gPMOExfBeWvXPqi6A50KGsDNoG5eeKp5Gi4xIoeEbac_to-kMJyjwQHc1Eo...

170 B
213 B

56ms
56ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTMwNzM4MzA1NTE3NzcxMjY5Nzc3NQ%3D%3D&google_push=AQvitUJT2Y5gPMOExfBeWvXPqi6A50KGsDNoG5eeKp5Gi4xIoeEbac_to-kMJyjwQHc1EoFHJ_ZYvSPJVOQ-pc8cUj57sDMxXQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTMwNzM4MzA1NTE3NzcxMjY5Nzc3NQ%3D%3D&google_push=AQvitUJT2Y5gPMOExfBeWvXPqi6A50KGsDNoG5eeKp5Gi4xIoeEbac_to-kMJyjwQHc1EoFHJ_ZYvSPJVOQ-pc8cUj57sDMxXQ
Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:30 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 68B1 43 B
324 B 111ms
52ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKiMLdKV3WGy9GBZIC7F_Qw&google_push=AQvitUJmTltsWu6HFAjUBGRE8q3XWunhPR8_CRKyq1nYvZTb7nqdxXtj6-vgTTG6xAtn9nX6KCykQpns8AT-Z4cslYgVp1KPH9I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5798867249887033&output=html&h=250&slotname=8450970356&adk=2494497118&adf=1726048742&pi=t.ma~as.8450970356&w=300&lmt=1618299508&psa=0&format=300x250&url=https%3A%2F%2Fhi.ru%2F%3Fmd81&flash=0&wgl=1&dt=1618299508349&bpp=3&bdt=459&idt=242&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=6871727324126&frm=20&pv=1&ga_vid=723691177.1618299508&ga_sid=1618299508&ga_hid=1893615385&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=4652&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066434%2C44740079&oid=3&pvsid=217667731315329&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=ZQiOoamB5Z&p=https%3A//hi.ru&dtd=245
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 68B1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEL65wLSutWe2qvMUyE3vi9E&google_cver=1&google_push=AQvitUK-EsXCn2z6oMgvA6ndom1S6N_klEys75284rJdkrwdazdNAC3RA-HD5Bq0PE_n4R01sYg_KwIBHFhuItwFhfU-jpGvVS4
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK-EsXCn2z6oMgvA6ndom1S6N_klEys75284rJdkrwdazdNAC3RA-HD5Bq0PE_n4R01sYg_KwIBHFhuItwFhfU-jpGvVS4&google_hm=WVKvvojFwXEFU052cRjv1A==

170 B
190 B

57ms
57ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK-EsXCn2z6oMgvA6ndom1S6N_klEys75284rJdkrwdazdNAC3RA-HD5Bq0PE_n4R01sYg_KwIBHFhuItwFhfU-jpGvVS4&google_hm=WVKvvojFwXEFU052cRjv1A==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUK-EsXCn2z6oMgvA6ndom1S6N_klEys75284rJdkrwdazdNAC3RA-HD5Bq0PE_n4R01sYg_KwIBHFhuItwFhfU-jpGvVS4&google_hm=WVKvvojFwXEFU052cRjv1A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 5tbks90beein81ussvtlkgs6focfbosg

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 68B1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULDF1JeIUzg20xM0MyCIqcEtO4tTokSy0DLB0rSzRoFowsweWIePS-DFeVy_3WNBFudsqe6a9dydLTXXLcZcxMbT8sjJQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PhwTus-sRUeUZfuEJpcCIw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULDF1JeIUzg20xM0MyCIqcEtO4tTokSy0DLB0rSzRoFowsweWIePS-DFeVy_3WNBFudsqe6a9dydLTXXLcZcxMbT8sjJQ
Date: Tue, 13 Apr 2021 07:38:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 68B1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG-LgDNFS5GzioDU9PpAsh4&google_cver=1&google_push=AQvitULGvDeRJvPZwYHvWx2Vw44FdLEhHPxqDcbwt5R9mCTbfnoGn4wOHb5AXS4HSc99fVJEXOi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFUQjUtMjMtRVNMWQ==&google_push=AQvitULGvDeRJvPZwYHvWx2Vw44FdLEhHPxqDcbwt5R9mCTbfnoGn4wOHb5AXS4HSc99fVJEXOiBhD2Mz15FLb_Tp8eOAUQvcfQ

170 B
190 B

55ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFUQjUtMjMtRVNMWQ==&google_push=AQvitULGvDeRJvPZwYHvWx2Vw44FdLEhHPxqDcbwt5R9mCTbfnoGn4wOHb5AXS4HSc99fVJEXOiBhD2Mz15FLb_Tp8eOAUQvcfQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05GUFFUQjUtMjMtRVNMWQ==&google_push=AQvitULGvDeRJvPZwYHvWx2Vw44FdLEhHPxqDcbwt5R9mCTbfnoGn4wOHb5AXS4HSc99fVJEXOiBhD2Mz15FLb_Tp8eOAUQvcfQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 68B1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKM4SIObzSPKFq7DcCQtQ2A&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_gid=CAESEKM4SIObzSPKFq7DcCQtQ2A&google_cver=1&google_push=AQvitUL25uaGk7iGnVFkyoIW5oQYHCRpq4gnD...

170 B
190 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_gid=CAESEKM4SIObzSPKFq7DcCQtQ2A&google_cver=1&google_push=AQvitUL25uaGk7iGnVFkyoIW5oQYHCRpq4gnDVOy4BNt3Yb7tmZTgf2WWQwXRM5WdIiHvygBg3ZI1fYyoxTHdDm4wUvFcqo26w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHVKdAsS8mbp-CKGq4dABwAAAT8AAAAB&google_gid=CAESEKM4SIObzSPKFq7DcCQtQ2A&google_cver=1&google_push=AQvitUL25uaGk7iGnVFkyoIW5oQYHCRpq4gnDVOy4BNt3Yb7tmZTgf2WWQwXRM5WdIiHvygBg3ZI1fYyoxTHdDm4wUvFcqo26w
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 68B1 0
26 B 54ms
52ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsNJE_EAMJ7xf5pfcmI7RHtL1Dgb1dUryWPkFzF6K4gyQc6KW62yh-Lwh-few6c4qiNasB

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK S-250x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame F63A 64 KB
64 KB 145ms
62ms Image
image/gif 188.138.33.34
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-250x250.gif
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=26145600051394800951399011563003&a=3f6a5775
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.33.34 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft9037.serverprofi24.de
Software: nginx /
Resource Hash: e05b9834df0231f80a8574f9737b6b0157a98d4a0f86d460912076738f8abb2b

Request headers

Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:29 GMT
Last-Modified: Tue, 24 Jul 2018 05:09:02 GMT
Server: nginx
ETag: "5b56b46e-10074"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 65652

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame F63A 0
150 B 98ms
33ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=26145600051394800951399011563003&a=0248baf9&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=26145600051394800951399011563003&a=3f6a5775
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Ketsch, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90003.redintelligence.net/request_content.php?s=26145600051394800951399011563003&a=3f6a5775
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Apr 2021 07:38:29 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame F63A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210407&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d512703230525325612c9b899313c8270c32edfbf8da17264c0f25813832c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 07:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6633
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 13 Apr 2021 07:38:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0DC5 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hi.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 13 Apr 2021 06:27:36 GMT
expires: Wed, 13 Apr 2022 06:27:36 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4254
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DC5 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 56697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Tue, 12 Apr 2022 15:53:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210407&jk=217667731315329&bg=!lpWlldHNAAY56aLOOek7ACkAdvg8WmlCVJnOtcNBzT7LGmbogtI5ICMF8z8222-OAEa5uhfGSb2lTQIAAABkUgAAAApoAQcKAVJFeOIxSz6ZwcmOmWf0guotwNrz-yfZpUc5xhvj05yzEd5xxCUZlGUvKCCtvKM3Ts1yhMYwWAdQBV7z5xVc-hB60NXXtPeNFxHUIJmsJkbaNaHQc3R5T8elcB1Xu-raqOcKJWGKd7eVRMWkSfub38yYjRqGfHzISJ2N8Ph5IU3zhr09JqvE-1CjMGzRayWKYODIIKkTaetgErL39TszSdwsZEaVzN7TWJrBHKCkbojx3u2WvpDBWcgysiOIhO4JxHVdLWgbhX_D3BfzLujdGgLXKW24Ae0L7fk_IkkeOgf4yVrCLfttyrbfsylZYxci3AnyOuPw3OJ3JoWhBg2KXF5ZYAZBJJhMvHJnVzys4W08jgNRV5Ql37iiSfFmUE7rnd3Q3rQjJpLCP3dokIEUgFe7scBhDV9KtjXP5rnG1JXsDn2k4XSCCjaMvrrv2ImcgBdVRpkBzndrLAT0h-_jnNUuYtDK3yrM6o1Xu_BvZAcoYtLNzGMgBuxF4gDiGVcQh837HHiopUIypvgcrTLZDYRYWdrn5g8I94PHGdscNpDOHU31uqGtLxUxx38hc_BCeSknHEckMfyd7GblAZcKkQDWPZBBUqtwjwaze8cdm_qV7gcKUQqR38Sh_oJNNhmmsEvUhl3492U4_REWYaUr94iDXKBaWl48gf9VxaTSadbcwFtU0Ert6Ohscs8QOh7vkJrK5VXt9sUdVSHcwt5ZHqHUPmw1WzKpRnyMeQ8h-lB_vxOZtwNKBveeJZoW3cLcFFh1PUw_Wi86liG-8Zql6WZkeht8uY5kHIYu4rcmwDXx1CeRzFDA2V6vsBNdjJsuzgkNc2Rmwb_-oKICboY7_snxh1i5HT2-M3D03JOb6lPLyNXf8IrEGSxQN2KzypcVIlOrtMwDTyivXV3ISCEIrsqE18HHJKHIZ_0M_5uulYcoYpYrUo0BY8gakiJFdCUwpgnxerdPwtPScDDC9XgwPRP_lxpsvjjEHqi-rWZGdavEQ54R4Yc3whoFNkaTEIaK6nghxLymkH4kIMwdM8emCPcZYp4ck4ZpyVLlySpGtfB2A9-d1g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1435 42 B
155 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWnrT0I1VXc9ZRrDAuPEwwcllbEXPqB4nN02OY0e05Y9kWW_bNnY9naKewpVonYSiwQTA1PiP9YIhBoFMpKFH1Y1dGOib3nMFxIvy3dlXLGHfXhQi_2LGsftyyyw&sai=AMfl-YSyMtff5XK6H137spKzwt_mbbWimN-E8n_9WGNDYfsAZGddcFTxIEWC-I4fUW0jFWHmQAaFwACL5yEh&sig=Cg0ArKJSzBlqQx6_msS6EAE&id=osdim&mcvt=1000&p=241,1140,491,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4038436&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618299508521&dlt=546&rpt=38&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCA0 42 B
66 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutLd1uLCVbaWersdn5bsl9WFe5TL3ICazMnlsiKw5ps1AwqaSyNG8vZRKNAT2yyZ0PUlZty8Deo2eKvGtn4VhbyusgH4_k9jxUrow5EzWZr0DaJDqy72PNQd2GAA&sai=AMfl-YQ2_fxOYsizmBS-2wL8avn5BiDW8vJGTpXnmg50KKukpdzTQbAbOC8EA-SSWQxaIG0PsG-93n9dJA6N&sig=Cg0ArKJSzMj3usu4axhJEAE&id=osdim&mcvt=1000&p=92,346,182,1074&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4009741209&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618299508500&dlt=587&rpt=51&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tv-xml3.php Show response
hi.ru/ 257 B
363 B 46ms
45ms XHR
text/html 2a00:15f8:a000:5:1:11:5:3f30
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.ru/tv-xml3.php?idcity=524901&_=1618299508386
Requested by: Host: hi.ru
URL: https://hi.ru/assets/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:15f8:a000:5:1:11:5:3f30 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: Apache /
Resource Hash: 268515a8771eebdc7975a58053674b00057f3bb98f8c8e25c6c338e33dd58649

Request headers

Accept: */*
Referer: https://hi.ru/?md81
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:30 GMT
cache-control: max-age=0
content-type: text/html; charset=UTF-8
server: Apache
content-encoding: gzip
vary: Accept-Encoding
expires: Tue, 13 Apr 2021 07:38:30 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C72 42 B
66 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0jeF6VsOxY56GhDRrsu4c9G0X8HXseG08zMNhfcNCp3MBKiQ6z8_KTdmw_EE3pqG_cFthgHedaQsYoYTFmkf9CCxK3pVhUfPMocg0niuK6_w5sBZLmTYLCA88xw&sai=AMfl-YStr_11UJYTupLOUB2uEp1vCa3taxDokNtGCb9aEaUXIf5GhKEeLVwLV1D_3zJtcPKXWquvwO2EwIXg&sig=Cg0ArKJSzCQsgcJ7DBO5EAE&id=osdim&mcvt=1000&p=606,361,696,1089&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3361842836&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618299508512&dlt=741&rpt=45&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 07:38:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame DEFB 1 KB
2 KB 23ms
23ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 591c2348902f0c59821ed19eccfc95c4e55b834735375ce81669afebf83291a2

Request headers

Referer: https://ad4m.at/ad/dr?ed=1jtb0cq736k18e3abcsh7q30dtdr1bw7bxyry3j3hw6qhnz4rf7814nawvg0nvwean24zb00yg740y8k0hdbm5d7ce094mntxe6h6gt90qne52jnqzqrsz917kqwjs6sbks2kv93fdqmx8ft1h5sn76kyf59hve4800b6ce9zej5x3gfj1estz0v618dnr99p3yqv6nkegrt97w6bkz3fk2w540qbdnw6cd0saqn5399megwah3577y7kafaz0nq6rx6zjvkjgk9jpkpbv47h0xze08kynxcadb3xekrd0sv3par7eqrvrtq33dr8d04c1m5h2hh6k9myrdae1tp8fhtrecaa1hc954a96fbm0a7vqtvk2hnm5ambygbw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Apr 2021 07:38:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 096bc3fa2600004dd6d49f8000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aOAkV8XHlLZxVLPKCkZR%2FdOj5hPibOrq3lnPTVWSQHPKmhQH%2B0OJ53iRjGrPp5YhIjmd7CgBXFao7XHHkiwk76Q4dOj6tpleqK9cxFZOzOVilAfB"}]}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 63f30909dbbc4dd6-FRA

POST
H2 200 rs Show response
ad4m.at/ Frame A33C 1 KB
2 KB 23ms
23ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d247cb225fb94a642df5323a3763125cd414de03d71b30e77d6f29986cdf8f

Request headers

Referer: https://ad4m.at/ad/dr?ed=1hc00wk86feb8smrb6krfd8bvmt29xbevqhqxyktwdpb2zx6g62h2h604wsx2y09bqyr0gssw7pzwc59ehvej4qvcbn5nyz4g3h7sgadngjb0e6bhg0ab4yja57zejm2546xk863tt9er55zgxcvrv83239p0p1mdyscr2sgsgc6qebd2wmrxw2rk4hyn185r8aq4235n12negcefzn172w7h8ttrzzmk5gd4edf4zwac9mgbv879a9g18epe24yzzhp2hyzp99t50xjw2ybk6ce39cpk72w0sanv3v0ytb2yw8nf472xazc7xswcjgcrrayw6f70w14mnx7kzh8m498f0amnqdjjsnkyk98c0agtjrys50v6errsg2he&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%26client%3Dca-pub-5798867249887033%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Apr 2021 07:38:31 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
x-backend-server: rs-rvz5
cf-request-id: 096bc3fa2900004dd6f48b1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BSVzMbNTAViHxZ6vKVd8BNMpPLzbcvVb%2F4EXPnu2CD7OwK6CO0ugMmMTFb%2FVBlWp0LUi31hgapXAdV2PljPliTy9u3SDyDgEh%2F8WwkdYQI6CoZ2e"}]}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 63f30909dbbd4dd6-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 11A0 9 KB
3 KB 20ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe6e4a4a7fc08a009aceb63425dad3693ef9443e2cd867c559567a67fa0f368

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:31 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d4d61a12c3266f5b4e078cbee071b4c301618299511; expires=Thu, 13-May-21 07:38:31 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 096bc3fa4200004dd6af87b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f3090a0bf24dd6-FRA
content-encoding: br

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame AB3F 9 KB
4 KB 18ms
18ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f8ab07bbf25ae280e4a271790607086bd2df18310bf10b24771f17e2135b111

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:31 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d4d61a12c3266f5b4e078cbee071b4c301618299511; expires=Thu, 13-May-21 07:38:31 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 096bc3fa4200004dd6739a3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f3090a0bf44dd6-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.3/one-ad/ Frame AB3F 58 KB
7 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.3/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:31 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 412727
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
cf-request-id: 096bc3fa5a00004dd6bc8ed000000001
cf-ray: 63f3090a2c224dd6-FRA
expires: Tue, 13 Apr 2021 08:38:31 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame AB3F 18 KB
19 KB 21ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 373176
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwnriTOuVVPObngarcTCVEAuFSrIaz9AtSyV4ze6Nn2K2jRkoxqqnrBehZV68BtcA_Q5vzQUvR70mmUmyUjvxyRsGUS9A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-request-id: 096bc3fa5c00004dd699b30000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=clIOFaW%2BrqAt8OsQdJgmkSe4dfvelv%2B86VTvdDHZwCatI%2F9ufZBB3%2Fe6H%2B%2F1iRqX4JbtO9M%2BF9r%2FXrmVUz5eXi09G08wIe6hn13uxG76TjmqlRmmnJlVdyN%2B8w%3D%3D"}]}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 63f3090a2c2b4dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame AB3F 2 KB
2 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 302055
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-UyOK_9kLeuLG-RZTFcoiGJ0qtPsZlkrLdsj_RoO2xUmfr_G__-xbmv_AaTmTz4YIpxNX3cA2j_tY8fs47i0VL3CZP593w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1598
cf-request-id: 096bc3fa5c00004dd692199000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SKBuDFjRNsH4t7cMBaOKmp%2B9D3zq5D70ZzNGAua%2BB7mJP26l6TgMBhDafCdaadHnEWJdid7xcdp3yTbwG68gLOQI5e0jBT3AnEjiPu1im03rJHyryZc2jJg1ng%3D%3D"}]}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 63f3090a2c2c4dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AB3F 43 B
703 B 123ms
57ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame AB3F 38 KB
39 KB 14ms
13ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 370880
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UxQBpR50aLTfOHTnSolKDlUk4esqIgcvgor__-JXe_yS5iySdGbUs6i2A3EHDTR6EQTlF7njUYFEOs7OJevlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 096bc3fa5d00004dd6c2a6b000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m38wYMGJ6rA4iOpUWCVL%2FSHnbzGTT0xdy5648sSj%2Bi5LESAGiFMoH5gWbJ7vlK55iZLdxs3SNRHDQIbP2deS3QfsHzoyn8Mnehj1La5AC3Hjq%2FKobJZEgW21wQ%3D%3D"}]}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 63f3090a2c2e4dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame AB3F 113 KB
113 KB 15ms
14ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 14980
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 096bc3fa5d00004dd68db99000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3IjJHX3ixHFMtE9kpe%2BFCrgYQpMFCBnX%2BgP6uN9MiofkmpsX%2FNHrciLyO0qQBZSW%2FBaNxb%2Bta5VDAdlqV6p8ozvN3L9M9m6MFNJcYlnIHIBcX3lOcymVVp94Zg%3D%3D"}]}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 63f3090a2c304dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AB3F 43 B
704 B 125ms
59ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame AB3F 38 KB
39 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 187774
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz8EkB9Sr_YwYzKZRaXsUyQoYtobL648L9KqoLAKDcNcRyMlpzVRuLKnJMt5S1SQsAcPFF2a4ZEwrUgCfFQ05w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 096bc3fa5d00004dd6d235e000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1pvOqRZ4KUp3eZrIPVeUdeFZ16KIHRdSdCUOn69cZMqJYvqQtxhZNJd3DoJhDDOf0oS%2Bd%2FRZ6%2BqCK%2BZZOS0tqYfx4IGCZneaH2SCZSRfcUuT0x%2FdtmZAVmNzMA%3D%3D"}]}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 63f3090a2c324dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame AB3F 84 KB
84 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2678144
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 096bc3fa5d00004dd6b7810000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oKVXSjP3MI%2BaYuN8EUAC3%2BzRSpcdEXmd2Dyno4gHtfp2xWj3vwbzCmODeNkJOeJ8PY57VUgafzgkrLYxgKkw4HgvOM2WU3fBlqYNUXpiZ%2F4qCZrCYffnCgV3Vg%3D%3D"}]}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 63f3090a2c334dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.3/one-ad/ Frame 11A0 58 KB
7 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.3/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:31 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 412727
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
cf-request-id: 096bc3fa6000004dd6732d3000000001
cf-ray: 63f3090a3c374dd6-FRA
expires: Tue, 13 Apr 2021 08:38:31 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 11A0 18 KB
19 KB 18ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 373176
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwnriTOuVVPObngarcTCVEAuFSrIaz9AtSyV4ze6Nn2K2jRkoxqqnrBehZV68BtcA_Q5vzQUvR70mmUmyUjvxyRsGUS9A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-request-id: 096bc3fa6000004dd6f48b5000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qbwbKQwwHs1Eqnq9q61unaQzXZrK7OR6kZZyEasV8mKw25P7BOZWYfbYJfvWmduE4%2FkqsVkvygi5pY6zCdqRaSRBWhZGVzOb26AP%2BR6X99aRYpgcfMxqztvjSg%3D%3D"}]}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 63f3090a3c384dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 11A0 2 KB
2 KB 22ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 302055
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-UyOK_9kLeuLG-RZTFcoiGJ0qtPsZlkrLdsj_RoO2xUmfr_G__-xbmv_AaTmTz4YIpxNX3cA2j_tY8fs47i0VL3CZP593w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1598
cf-request-id: 096bc3fa6200004dd696b66000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TGAXY7TFdoHvd186nArGDIS%2FOTElz%2FRs%2Fv%2Fs6HcRZBJ123JnUb3v4gnHxnBiK3P%2BaCUmEl07jM4cyJW%2B6j8qlOdsxZXp6X64boAmjQF3IVzkUSzkCO0ZWhF5iA%3D%3D"}]}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 63f3090a3c3d4dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 11A0 43 B
703 B 118ms
56ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 11A0 38 KB
39 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 370880
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UxQBpR50aLTfOHTnSolKDlUk4esqIgcvgor__-JXe_yS5iySdGbUs6i2A3EHDTR6EQTlF7njUYFEOs7OJevlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 096bc3fa6200004dd6a7288000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j192bjGARauqVKN47%2B1vM%2B5jG8htgyM%2BAj2p1jLYkwLsZ58aSiX3kfCYlcm6Q4NNJCMhuMbBzDb6GHz%2FyYaxtDcqEfMq9LsNp2fQ%2F%2FfnHZenL8nYUVCs7QFo5Q%3D%3D"}]}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 63f3090a3c3f4dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 11A0 113 KB
114 KB 19ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 14980
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 096bc3fa6300004dd6a92ca000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aicFAoKsmIS5W6zomN1NmeIReX36j3%2FD4V6oB9c7PKopU9lV42Nb0rlqo08%2FqLi9CKZFK9jr%2BrX1Cq6vc8fS1QlOnrE25kj%2FlZVqvvkN0aD%2Baxm0BgMo%2FugDfA%3D%3D"}]}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 63f3090a3c404dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 11A0 43 B
704 B 132ms
71ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 11A0 38 KB
38 KB 18ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 187774
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-Uz8EkB9Sr_YwYzKZRaXsUyQoYtobL648L9KqoLAKDcNcRyMlpzVRuLKnJMt5S1SQsAcPFF2a4ZEwrUgCfFQ05w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 096bc3fa6300004dd69fb34000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rdf%2BZAcdObcvD8X6OxSiycnYqIffLwICYRv7LW%2F1ZqEOfODUfYz2I5yg3HcDGNMKAy150wUzNoGIKk1VkILjrOBJ%2BaWczzI9UH%2BAPMmzv3DAVYP37QBGOJk9XA%3D%3D"}]}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 63f3090a3c414dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 11A0 84 KB
84 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 13 Apr 2021 07:38:31 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2678144
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 096bc3fa6300004dd6fcafb000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O5ji1HaeCVpBGk6YGmd173oI6%2FMXWgQW9H33l6b306mP2S%2BN4K5ZeZj6rp0QaoUJeox3DGJpbtmpjsCkxwQukF%2FPKd%2BMUeRYl2M3%2BIA3U8gq4xjvxIflBEwhpw%3D%3D"}]}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 14 Apr 2021 07:38:31 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 63f3090a3c424dd6-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame AB3F 12 KB
12 KB 266ms
124ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 2886f7fb50e223bced7b7fa34ac99d0c4730594a8375719b843e7be8475e0ed3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Last-Modified: Tue, 13 Apr 2021 07:38:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 11A0 12 KB
12 KB 247ms
115ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: bbde105589d9726d62b9577731ce9cbcca4e68908700dde4baa4bfa035a5325a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Last-Modified: Tue, 13 Apr 2021 07:38:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 11A0 59 KB
60 KB 132ms
39ms Script
application/javascript 13.226.155.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 14:53:20 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 60312
etag: "18c1dfef830d61a2df6f2a6ba04e9d17"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 60911
x-amz-cf-id: v-12gx2PxP9lwYkp0llo7o2_x7Sv_rLG5_2Rt7hL38-X14Rba20bdg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 11A0 79 B
374 B 163ms
50ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TeirNlHm__iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rghw.5B0KB0D9ZtJ9XvjvEoxMuHz3YMJ5tFFg4K1kl1BNlY6RcApw.434&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221618299511%22%2C%22%22%2C%22%22%2C%22%22%2C%221773819511%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=616817e08836367304d42ffd8453f1ac&userIP=185.236.203.76&doAffectv=1&wgtime=1618299511
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Apr 2021 07:38:31 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 11A0 85 KB
85 KB 121ms
43ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__asuidkgOdr0EC6QELKuNiIAdxxXl4x2v4Mg4fasuid__suite_Netmix_Reach43_Monat&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=69c3d4dcea10e288f72294db039954a9%2F995427844964293166&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20hd9h5gn4r0fdcpjpax6jxtm4agwmk627eyhf7bhm7nxdtzqvnzkhqxk2y50v4x0kty0xp2ytw0yz29vk3s70bp6sec3cmyaxyxchh7ac7zce74nd7562regm70xp1r5vpp420k8j4vv4g2dkxp33835gpe9cv433f3ptyke1hksjnk9r9fy19qazb0kressex7yysp9xezqmp315z0nmvw9xzt34yqa0pyr4xh6nnpb1qtn839c9fjz37bj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCfHG9dEp1YKTzJKrJ7_UP_8SCmAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEwwFP0MuMXYD5WvZtPlF2QSJO4I0_xOy8NvfUNlHsyeWbeQLTPkgTSsb-6OttG8SVNA_zNPtgMiPwrnF_a--kdEJRY9XrnYgu9cJX6SvwbpA_PlFfAbrwXQslXJ-l7Gwu5XCXckEpCOkgSv-t9RWFevpmGYuTiuGWFuF4G-YDX3f_jyxBeprPeIEEnvSggB5r5JbvFW31QYr0q2EyjGl8gtnYMDVMuvgt7gve37mTjH8RpHiTYLikXPy9eIXXK_8Pt2mY-A2ABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_2Gpfe4mJnJ-rU51Mi_2w5ikztSKQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Last-Modified: Tue, 13 Apr 2021 07:38:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame AB3F 59 KB
60 KB 109ms
40ms Script
application/javascript 13.226.155.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 14:53:20 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 60312
etag: "18c1dfef830d61a2df6f2a6ba04e9d17"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 60911
x-amz-cf-id: 3_Pn6socEanxfy-LQ3ZTz1THk6mgstC-xGjdOuPoeGmypuE0tKsS-Q==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame AB3F 79 B
374 B 161ms
50ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TeirNlHmeCRhk6Hb9LarUqUdHz16rgPtFFg4Jh5Dufs.BN1eN1RK8mcK4rUqUdujo_y85icCmVWN9e4WX3NlY5DtFMfs.5EC&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221618299511%22%2C%22%22%2C%22%22%2C%22%22%2C%221773819511%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=616817e08836367304d42ffd8453f1ac&userIP=185.236.203.76&doAffectv=1&wgtime=1618299511
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Apr 2021 07:38:31 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame AB3F 85 KB
85 KB 120ms
44ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidDe1h3fwfrGZa3HmH9t1tZqRs4tmTkjoneid__asuidV88OOONjRFoCRVqXS_N5Q0VaW9xBic8hasuid__reach_adf01netmixsis&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=d57b693d4cdb5648d6857a1a9f2ad275%2F16108385714788308620&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21f6k6gb3capxjnbvyhd16war1r0czzrdtnsa0d68vkptpzjf69q11vg2h7cchnmf1z1y0j6k5nmaqy2ghybkx70wn2yt6zefy3ew7t3s649nh7sv2g70eke1syj7xxt7k9e1pk03pgm99a2cvd4ca6ev7403pe5nb4k04ewmg6bkn926r5ap2g1kcyqq1rv331rsrhq3w4f501ejr61g5b6gwt2c4qdsrys825kw7zeep51p8r99sf1g8gk6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCIMkkdEp1YN2GJLzK7_UP-pq8kAeQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU3OTg4NjcyNDk4ODcwMzOgAcKu6N0DyAEJqQJrzAjcEPKzPqgDAaoEvQFP0FjzIrHmtTjBbr6i_Kyfn9inMkDCvUqZ29PYDHWroFQztTj1OQGgYVvRyb-LSkIKs4evCuXJXZ5KRHGrUVqdo_wtHs5F1GSaMKmf_DYkC6Uvq__g58c83W9RPrlurDjYzeB5A_HitxWx0EHhozqYzIsi_7Nj0747W0T5N9b2augn33OWN_8ZEx4eOEJxXc-T_AGBrjqLnBopkVUPyucPmB2aNsIdV3rG1vckSJOFBPwjlAFbInNxVN_pVkWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3c_u4gUMHLedjip0jxPv1va4_PkQ%2526client%253Dca-pub-5798867249887033%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Apr 2021 07:38:31 GMT
Last-Modified: Tue, 13 Apr 2021 07:38:31 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 11A0 63 B
270 B 187ms
54ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TeirNlHxF0iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KB0D9ZtJ9XvjvEoxMuHz3YMJ5tFFg4K1kl1BNlY6RcApw.Eqo
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Apr 2021 07:38:32 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame AB3F 63 B
270 B 186ms
54ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TeirNlHxOFMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea.b4HRe4GSrxbuTfx8UXGfe2Rc7L1eWNNW5BNlYiJ4uy.7Ju
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Apr 2021 07:38:32 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 147ms
48ms Preflight 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 13 Apr 2021 07:38:32 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 11A0 16 B
232 B 87ms
87ms Fetch
application/json 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Apr 2021 07:38:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 11A0 44 KB
45 KB 41ms
34ms Script
application/javascript 13.226.155.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:51:47 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 38805
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: aEespQh0y8z6ZwSQ8ifmiOliEa9Blye0Ot6NJYkLObdZtBcAxYuIpg==

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 145ms
48ms Preflight 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-184-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 13 Apr 2021 07:38:32 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame AB3F 16 B
232 B 78ms
78ms Fetch
application/json 52.213.184.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-184-2.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Apr 2021 07:38:32 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame AB3F 44 KB
45 KB 39ms
34ms Script
application/javascript 13.226.155.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:51:47 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 38805
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: GsKuL4GjdaOp2VkCl7dLYrNlCv6B8-736OVEF2CnlVvd8CwUiFevrw==

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 11A0 18 B
123 B 51ms
26ms Script
application/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1618299512744
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:32 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 4ba27e58654c1acdf06a9b5ff5d0107c
cache-control: private
content-length: 38

GET
H2 200 tag Show response
w-it.m-t.io/ Frame AB3F 18 B
205 B 43ms
22ms Script
application/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1618299512748
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 07:38:32 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 4ad94e6b0d5d485ebf3e2e3f9a80ba78
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame AB3F 0
74 B 20ms
20ms Script
application/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16182995115832_e1dc931354&programId=12607&expiry=1773819511&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 6fe039324f2bc0ed52496d1d658b68ef
server: Google Frontend
date: Tue, 13 Apr 2021 07:38:32 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

GET
H2 200 track Show response
w-it.m-t.io/ Frame 11A0 0
73 B 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16182995115863_2bd7bb63b9&programId=12607&expiry=1773819511&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: fd368315f4a2d10c3bdad0782c7d0062
server: Google Frontend
date: Tue, 13 Apr 2021 07:38:32 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tv.hi.ru
URL: http://tv.hi.ru/tv-xml2.php?idcity=524901&_=1618299508385

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 19:41:15	Name: 8lcfmzhxc8d6_uid Value: bc1cc6b234d137a4
.doubleclick.net/	1970-01-19 17:31:40	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 02:53:15	Name: IDE Value: AHWqTUnMy-PaeszBi93FYKjocj6EQGOjJJlsHfPJgZMbYpoteTEyBcVFQv-jXnYbCpk
.doubleclick.net/	1970-01-19 17:31:43	Name: DSID Value: NO_DATA
.hi.ru/	1970-01-19 17:31:41	Name: _ym_visorc Value: w
.hi.ru/	1970-01-19 17:32:51	Name: _ym_isad Value: 2
.hi.ru/	1970-01-20 02:53:15	Name: __gads Value: ID=74cf5104ca760923-2245bf2181a7008f:T=1618299508:RT=1618299508:S=ALNI_MaaRyQaBwI5jBtxxd1d8xf8CuPhnA
.hi.ru/	1970-01-20 02:17:15	Name: _ym_d Value: 1618299509
.hi.ru/	1970-01-20 02:17:15	Name: _ym_uid Value: 1618299509426716044

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ad4mat.net
adservice.google.com
adservice.google.de
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
diapi.webgains.com
e.dlx.addthis.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hal9000.redintelligence.net
hal90003.redintelligence.net
hi.ru
id.rlcdn.com
image6.pubmatic.com
mc.yandex.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
photoshosting.ru
pixel.mathtag.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
sb.scorecardresearch.com
server.cpmstar.com
ssl.cdne.cpmstar.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
tv.hi.ru
w-it.m-t.io
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
tv.hi.ru
104.111.238.139
104.111.239.217
13.226.155.106
138.201.63.117
142.250.185.226
152.199.21.117
176.9.26.250
184.30.20.207
184.30.24.241
185.29.135.190
185.64.189.115
188.138.33.34
198.24.170.50
2001:6d0:4001::226
216.58.212.162
2600:1901:0:76b9::
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2013
2a00:1450:4001:828::2002
2a00:15f8:a000:5:1:11:5:3f30
2a00:15f8:a000:5:1:14:7:1fd5
2a02:2638:1::13
2a02:2638::3
2a02:6b8::1:119
34.98.67.61
35.186.253.211
35.244.174.68
46.236.13.147
52.213.184.2
54.149.220.116
69.173.144.165
79.137.69.120
81.29.72.47
88.212.201.216
02f3c96b637e86e08096b57d5b8fe57819fe42782c7757985352ab34ab08713f
056f9a9ab494185acd4e5ce566f47dab29b63f34f7240c6016c39f0b94863d0d
057014ef0503a73be9492b2d2547cceee04790eaf0cc3d5a2bd4f4b8fa07a187
0953f7b2cdb1844e5f89b74fabb39a7d9e37817dd0b680ea2bc70982c12a1ba0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
1606c243d646bbbc486c09453274d8fcc058f4bc6d3d52b54350a38027750ea2
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1830ebe18239dc37ae01fa87aa1b5f99f0f5e481ac78f65423047d0b4d99b262
1c02cb53beae6a1bb1f3c231f48194b251abe87df332b64127f4fd9405a3fd23
1cd0a39d0800c32aa31d6b4fdfb242118fb4c674352f9818c2d78ed371ebfedd
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf8dc40fae641e0538482962d917adf7034d6b56125bd44304b54047ffe1952
1cfdb43297e916e2da546a244903e8eb3d0baf67620dda087399548c2e7afddf
201931dd146131958e4ee35c7639a951f9b5460ba5168ac5eaacba16e4dd1187
268515a8771eebdc7975a58053674b00057f3bb98f8c8e25c6c338e33dd58649
26de7ddc151567db6158dbb2e730c21f7bdb291354b1a88a9e4123cb6ec455b0
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2860bf5fe35d98f46c2213c71e5e48e9a7b36ed4c046e4ea0514215312b7ea55
2886f7fb50e223bced7b7fa34ac99d0c4730594a8375719b843e7be8475e0ed3
2d29468ae56ad0dc7cebc4ea02f0e87a0654a04eff47148faa495afa8d84d3e6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fe6e4a4a7fc08a009aceb63425dad3693ef9443e2cd867c559567a67fa0f368
314f44af9bc600b5049e321d1bb6e0e71f03dcb438028e5cb8e655196273dc8c
31f5a77b32f50b602d32286ff14d8174928ed5d5683015dfecda009192749726
351d45d7ce9ed6a6da006a60d31b77981079dd882e8b01afbe5cabcac606665d
390cdd2401b8a6d820152f5d1c9c0070833f95a983b81b988498bb14daf99c5f
3bf5864880db34425cacbc40063553c0fc4fafcc34536e9ac6cfe7befbd77261
3c4372c49f49c047cfe84c12d2208f8d6021fb549f682628a9a596906b639834
3ed14ffcf48a4f46614b93bb468c59b4a04917a0997f3db67bf5aede6cd09ef2
406d95539f6fd88170d62412cd3899498f28728f629938d3085850155dea3b42
41ab83e27acc60d34b77d7d6e5e65e3646d0b083f50f7fac1c8687a3f18d9a1d
42b206909b77ec3f74e3e407c55f1511d1f9beaa99af49a41edb4620b5553428
4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48586760351a662290f4a8dfeb60fa3e0660588f323d3e855ab57d0ef9a7f952
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4d4f3401751ce5afee9a97eff2f25fb54740cd468f3b27eb8af6d335034c3ea1
4e4b632fb70236322963e2d235e71719e032ea9222472cc79fc127246e41521b
4f8ab07bbf25ae280e4a271790607086bd2df18310bf10b24771f17e2135b111
524ab8ce722fd84999ab057cfa8eba4cc8352b38873cb72bfce586bc9e07a5dc
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ae918be32acf5904e7c28112a5a3df0f4233c068c60ed205fd9b9373a35815
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
553eb5bbd710f85a90e930f22e9c7dec5b9d5e28ff96b7129802b7fe894a4209
56a71b039fee9ad1fb696c2741431841d92cc184fbd18f3ee0aca62caebb0754
590e6d7e14b573c23cbc122b454c02b3cad004ddbc0e9ba475f23b3b9c557439
591c2348902f0c59821ed19eccfc95c4e55b834735375ce81669afebf83291a2
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5a0918d3ae6fcc311deeeb0b5a6f56f0ba635c5c5cd54d3a96515d06b21c18df
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
61bfda2aaf3199f37253574926acafaf86a44979d3f2cdee0f29d8ac5698dc83
621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4
621f0e445275dcb3fd0dd6e6230bfaad8e10f59c08ae0ebfc076808a7176b7df
631a9f7ec1e7afa01c62a81323426c3621356d30ed6e141f3e481df1985ccffa
640f0f24a477a3b7077633839a4359793498ebd106a49ae229be3804440b103a
6430a5609cdd61e8ec8b87c2f32a4b8010a93fca76e4737387673b788afd9a82
64fedf0f1f511c637ed27216292fed7ff26dfa03c4215cf2d6a37344d03f6001
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684ff092700c7b5f8852994d1795a7246c204d0f97e64f1dc34a4a07d1dc4d82
6b57a900a7570cd4fc3f006c7eba27d18b1e27e402e0d309e678b0d75d24075d
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
6f9c80a5f214df00adb0ee7f714a44c3a472f52e7dbe66bf740eb4344b21c26f
704fb2fb51023c7f361e779a1448e30de7b2c347652e359aec3f71b1156abdc6
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
75a94240b426b1146314d6fce78412340e3574d4096ca2ad258e9a64749a330a
75aafcfbcc756aac5901316036889ec372828731cc76015b5645677e7a88df6e
770be66ea01c6922743c6a5d0d5484a98b58bffad2acef8af3de10b3e277a633
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
79613b9a17480739818efb9d0fe992a27610c69aaf3f44cfa9b5f76fa3624f0c
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7d712e4cc8eadd6e88b55ba2005b9e0df7111ba17724cd3b51a3fdf8240b3a5b
7f8214cdc30a17ed55564d12d7809766d5500528444767a52156fde7485eac79
832053361f1ef51957268ed756e07dbf3f646d2a6dbf63e6c7bd336d45c8bceb
8385ba2fe70bedfc49e4d1ae4c45dae613166832166b9534e4ff3a736b69d109
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83d512703230525325612c9b899313c8270c32edfbf8da17264c0f25813832c5
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8763c7cee404235584c03d712187e2aac4355da9b405f1fc406af91ae15e873a
8812d0b63b87402b006168f60cc26043b993161c347829cb839ab449d1e80d13
8867922c74beec3c4d6e2894e18cb7097ac78af8ddaceb1a0f85e567d1ebf45a
8946d4f87f3c79a7ef438695bae478433c1fc176cb2a3d1a1ee167b3de6e3dac
8d3f5afdd66c0d2bf4a0259200348609ec8a6e99a226613cf3cda67dfe29e2b3
8d9b5eb29b4bde77d7ab2fce99c079aba5ee1099640271987ff9a10df97b06ca
91699591f75211187d34f4c9ffd5068b9a0a910a382079f29a488b661a9c643e
9191ffc3e86d732ee8fbdd5ccc58a0626b0a3af1bb95b6d49db4565f4c725406
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
97dcf08320a7d374e45f3c5c670be5db8e70579cccb452c14070b93f1c557195
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a347090d8eb4a6572a9d88d6d876b2bdba5fe5d8bc1bb592fa23f724b9f029f6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ae8cc0098f1eeb449dc71d0d32d378cb852dc681502b9e50dc52987e71577eda
af87dd0a91f10cb6c35af0b4ecc86df4cdc772d73222cbf43e998a0ca6d9fb18
b030a8960280e548a468c3fe2ab57d296f7c6bdbc3677ed82b04d9d56b869198
b0444809862b2227d687d9248c429aff81d18fd75a872fd7712e1402e2305f1c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b385bb4cce0962affa74f1f8ae9b44383cc0a413109613f430afe78a62c61caa
b663358d262151aebf082f699b672c1c44e5e1ed122b6bcf03a461345d0673ae
b70fe08c29d1a0c0a04ff0b54669bfa0af2f1ff3e7a5ecf9374264b25deb3ceb
baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee
baba71484d8e255f5013a2eec6ce7a8a66ffe7dc994f877cbf203abbc4af182f
bb10b5284a2385c6d0ad74dd0db63171c8f406a17b2bbd2330df6852d111ba17
bbde105589d9726d62b9577731ce9cbcca4e68908700dde4baa4bfa035a5325a
bc55909145cc895ce9457fe5a92045c8db25bba712bf7880c018dfc5849d5eb8
bd49298c921b316356e1457a8ff2a9f19c0d069415e8a014f1d6ea6511000787
bedddb3e8da114412602440e01aa8122a149527f3f30859c276f5efa31ecb7e6
c17defd12a8dbf98aeea4043b34398f7ab77beb8291a32265097a1e601189fcc
c2fbe8d3fa0d0fc9e410f6e538e2fde3369b477bcfa1033abbb42eadd33705b0
c3940a5b825ca2173c8c40ee6032fff392d3932c9fedf32c38189bddab06fade
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c7914c9fcb8ce1be779b79aaaa9f1e096694585dd0f29995e2888de55871e35d
c80ce059499cfd0313ab1eba06eb886d1f37b94c059068aeb278adb262d3506d
c834162ee91bbe5baf82f5e7c44b608cd1f5a432f9fe25a2d0aa8386f3ccf08f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc0e005386f74b55c9f60b8446f835a7be5a7e1fab58d97f6fcdc2a93eccafd1
cf30c00af063e34b0441b5df118788d9a7eaefeb6673144ce9d28883332d0661
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09dedeba8fb4802437aeb27cd9148200f1ca17dd0c699bf7b85a0fd0ae97669
d0f16d410a81a8c71a8ce8344d56a24f83d8124d3da81401c03e46bc1640c031
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d244ca4e5f0e5315e1309132922e51d109dde6000e12aa026de1df69051522fa
d255c5f4e04287d16ae7776e8ff8c6bd4316d829bfd639d212ad8c74fe2d9003
d5d8dc69aa87c483b4fe658a37d73a8492c874eabbac539b90f7101c4458ec4f
d7d247cb225fb94a642df5323a3763125cd414de03d71b30e77d6f29986cdf8f
d8738f1a40f1f64f8561fe5924e4fb9134be21eeaa73c7f0adae5df353294ec6
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dabba4011fb5c6cb64e46386a598022f8cdaaa6370c5d3e81e253585d9541b0d
ddea36e80cc4c0cee6cd607ba23921fc5540d1cdfd9f8f29eaed9fc6946f0f02
e05b9834df0231f80a8574f9737b6b0157a98d4a0f86d460912076738f8abb2b
e14245edb66438db8f4b062f463e708132f41762649ddb809dddb5c9f8eb9987
e29f0b92ea06db998c798904755014ae8d388e9d41e8b8d293be50538af193a8
e29fbb7d12134eb316c72368b2dc1952f782fd31fb389d09e081e3210597c27b
e2e177830a5036b9aedc8dad8d69cd5dd4e9d0e72875d88b442b81b8088ee577
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e566ca5478f1ebc1d7c117362af3aca30b57cd0b988e4ce62c7039e1793c1409
e74be3ff673b63f9947c36f05e9fe6071b8178c17d25199bb3722f82a94d8704
ea0269a93ceb6cb9f7b0cda0b251de17323690136dec4f059109e6c6909a150f
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
ea426f090eddf03e65a6287915fac51a6eca6e0d1f58879591c203fc43c2f97f
eaf394f0cf1614e22d265d916398cc14562c0bfa73a6f90af26e068dd76e4dd2
ed809f313c4dee441112fe183958c13a52c1b61af9556922eba2ec6fc6ba700d
edc3a0ad539531bd40ae350cbdd4770c95149d47c226aac2d415dc66fb17591f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f302ec3836fa1926654519d57e97f113fcd1b5915eee786fa8713b6ed0f9499d
f6183b99b7826661f6b9a46df6edce6ca2359739a39b4f6e1a118be78d02bf81
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
fab9515d47f51736922c97938a571cbcbafd98454a7fe76355b2d8865c869158
fb778f3d4e1b9805dbee637f5a0a8627b7583c8657dd588633734ab07840a79e

hi.ru Open in urlscan Pro 2a00:15f8:a000:5:1:11:5:3f30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

259 Requests

100 %HTTPS

51 %IPv6

36 Domains

54 Subdomains

43 IPs

6 Countries

3159 kBTransfer

5380 kBSize

9 Cookies

85 Outgoing links

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hi.ru Open in urlscan Pro
2a00:15f8:a000:5:1:11:5:3f30 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

100 %
HTTPS

51 %
IPv6

36
Domains

54
Subdomains

43
IPs

6
Countries

3159 kB
Transfer

5380 kB
Size

9
Cookies

259 HTTP transactions
7 data transactions