feryarya.com Open in urlscan Pro
5.181.216.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://feryarya.com/
Submission Tags: falconsandbox
Submission: On April 14 via api (April 14th 2021, 8:06:39 pm UTC) from US

Summary HTTP 102 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 20 domains to perform 102 HTTP transactions. The main IP is 5.181.216.92, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is feryarya.com.

This is the only time feryarya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	5.181.216.92 5.181.216.92	47583 (AS-HOSTINGER) (AS-HOSTINGER)
16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
12	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4 4	52.39.207.175 52.39.207.175	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306	16509 (AMAZON-02) (AMAZON-02)
1 1	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6810:d40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400b:c02::5e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
102	22

23 5.181.216.92 (Germany)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv105.niagahoster.com

feryarya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.39.207.175 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-207-175.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.145.8 (Berlin, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.200.29 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:d40 (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400b:c02::5e (Dublin, Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	244 KB
23	feryarya.com feryarya.com	206 KB
19	doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	80 KB
11	bannerflow.net c.bannerflow.net	113 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	97 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	3 KB
4	addthis.com 4 redirects e.dlx.addthis.com	4 KB
4	google.com adservice.google.com www.google.com	1 KB
3	openx.net 3 redirects rtb.openx.net	987 B
3	googletagservices.com www.googletagservices.com	100 KB
2	rlcdn.com 2 redirects id.rlcdn.com	889 B
2	quantserve.com cms.quantserve.com	674 B
2	2mdn.net s0.2mdn.net	41 KB
2	google.de adservice.google.de	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	303 B
1	innovid.com ag.innovid.com	295 B
1	mookie1.com odr.mookie1.com	324 B
1	googleadservices.com partner.googleadservices.com	643 B
102	20

	Domain	Requested by
23	feryarya.com	feryarya.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net feryarya.com tpc.googlesyndication.com pagead2.googlesyndication.com
12	cm.g.doubleclick.net	googleads.g.doubleclick.net
11	c.bannerflow.net	s0.2mdn.net c.bannerflow.net
10	pagead2.googlesyndication.com	feryarya.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	e.dlx.addthis.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
3	rtb.openx.net	3 redirects
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	ade.googlesyndication.com
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	s0.2mdn.net	feryarya.com s0.2mdn.net
2	www.google.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.googleapis.com	feryarya.com googleads.g.doubleclick.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	feryarya.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
102	28

This site contains links to these domains. Also see Links.

Domain
mythemeshop.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
feryarya.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-11` - `2021-08-11`	a year	crt.sh

This page contains 13 frames:

Primary Page: http://feryarya.com/
Frame ID: E53474DC08E20E26094C519FA951B080
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html
Frame ID: F760445783858272B5B332702296DDAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&adk=318159125&adf=2184669829&lmt=1618430757&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fferyarya.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1618430756961&bpp=631&bdt=81&idt=691&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6328278699874&frm=20&pv=2&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=711
Frame ID: F6BF99DBC149B22958FADAE81973B481
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14
Frame ID: 1680C9B19D577FD0BC572E6572357671
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3418264983&adf=2224009096&pi=t.aa~a.2322468633~rp.1&w=922&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=922x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=1&bdt=906&idt=1&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=3&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=347&ady=3058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VQXNjrIIDV&p=http%3A//feryarya.com&dtd=19
Frame ID: 87B86E191CBAC96DF6E9D0723548780F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7900BBDA99E664435A9F2F29416DA684
Requests: 9 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttefRr2NDbr1z1znV-U1TXn2pW1lwI_RTsSliTAgmSOlRQ5vj4QlePQINjDkmPYsIA8CoJd9sE53VSmAZ7uAXjViZYgOUW_JQ82yzS2-7CPzH2cDEVwBz6_QiY-i1L7ykBE7TpvrW0Tt29f5ZnbXtGfiRTNv2dKKt9JksOwzA1-cTXBieAWf-b4SRx_EV6Co9sOrO1CiB8VotNIpxyQ3r_FruQwhS_XhLKeSdesq99WymlXZkWXPFvMoGhPYh8RuyV3n6O66gs3I4h1sC5_VsgKJfHtwiP1LRsJPd4abYoENh8NVT1wLb8-4oB3HRnHfN2wRNNWlRoW6JVd4RQOgT9A34F98-hEZm6Nv61TPdnwF5TmfE-9m6bEzmDU0On_DWZqNgJ4NU-9-DNuV_XXoKO5GxUedgzcUj5FdZ15FzTsm0aGvHkl5EJEueSUkyk185UWrcVrvRLw19i8mjLMxzjI8v6XJTwkT6f7k_jV6zDZnXcmJkpbvKtfvKQ-zV0JfTLwth4RHnHiWHOz-NsfJ3NjnHj4cM6KudhzOMq_k6QogzMOsSo7HakYUu9WUszjv-MbejwSiJ4FCYx8ieU5NW2zVgcyr20Ci-ZIiYX17XNIKAfQxFoLMzDOf17VNtzWH1GEJIUV6YOXFf2u9KBy16HPM0BQ8H9HX_6dMjlV2QTSo-zj3kMqeHVj5oZYVC00YlpLzxvz9nPOSEXXAXbCuSCqx4_I4WPth5q1rVpYXFw3R5avz9zNYEQNVvzByCgc9Yg1K_LJBReLQQEGVf083_iaX8tqUbo1aNvgGgK5CM1BnCRAw4alzXInf5lPeoivwNRMMjmxkPRggPBMgLAbalCZ4gUizfaxC6HVEQhTOZH7ozCfBISx_omLHoLKl5qBcnDGc14kzPmJzPln4ixslHNu98mbsNpoWh8tU9biIl1NWrue5k&sig=Cg0ArKJSzNCgmYR011oKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 6AB95F034494C7D0361D09AD3F9EF92D
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js
Frame ID: 6F9C6C7F555A12E9040426371A164219
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F2048C055F06D8BB1E18C2A6CE52C1B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DACD63E8AC473167747EF45538743003
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Frame ID: 977BDC1AD538BC0BC2D520CFA6615C24
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E3360F2E3AAD81514AE34520FA0618B2
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F93fef7c3-ffaf-45a6-8418-fdafa20c7799.png&w=13&h=12&q=90&f=webp&rt=contain
Frame ID: 4A96771015248946D26C064C66B542A2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

102
Requests

81 %
HTTPS

52 %
IPv6

20
Domains

28
Subdomains

22
IPs

5
Countries

887 kB
Transfer

2162 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://mythemeshop.com/
Title: MyThemeShop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJYN7102mvz6KvnauXfqRDwJG7QiP76OcqInNvcUmzT3c83WUbVY8Fncyjgv5bVWT9FmcExrHxur2AEXu8ZhROmDyFUcLE&google_gid=CAESEMV67Cumy___3PW3Oz-fizg&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKaW3YMGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVKWU43MTAybXZ6Nkt2bmF1WGZxUkR3Skc3UWlQNzZPY3FJbk52Y1VtelQzYzgzV1ViVlk4Rm5jeWpndjViVldUOUZtY0V4ckh4dXIyQUVYdThaaFJPbUR5RlVjTEU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwemMxbTRLQ2RIUWJ2QUoxT2hSMXdqRUZtZ1hmU3k4QUdLdm9FaktQR05qYw==&google_push

Request Chain 63

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULtcfA8sW42gPFc4AsogrHjwcqTBU-Fa_YwAm4wPpm5607AprsD3P4MQpkWWZ7vkUOJnK7u3fGMRYX0Xd8vZVZ-oOg0Xus&google_gid=CAESEFl2azjoBu6TCoYr7O4CMY4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULtcfA8sW42gPFc4AsogrHjwcqTBU-Fa_YwAm4wPpm5607AprsD3P4MQpkWWZ7vkUOJnK7u3fGMRYX0Xd8vZVZ-oOg0Xus&google_gid=CAESEFl2azjoBu6TCoYr7O4CMY4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk0NTM2MDM0MjMwNDU3OQ%3D%3D&google_push=AQvitULtcfA8sW42gPFc4AsogrHjwcqTBU-Fa_YwAm4wPpm5607AprsD3P4MQpkWWZ7vkUOJnK7u3fGMRYX0Xd8vZVZ-oOg0Xus

Request Chain 65

https://rtb.openx.net/sync/dds?google_gid=CAESELsjll1o7vbRYqetQnfnAyM&google_cver=1&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESELsjll1o7vbRYqetQnfnAyM&google_cver=1&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==

Request Chain 66

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHRl3Kvfmbs6XQnJlxhp5Ds&google_cver=1&google_push=AQvitULl0aMKGAfZj-sbCLahClCmZrhwbem3I3FbIR6tMRWYHZqBAnfTjAho3HeWnuQHnKmGXE9tqNBYWNklU81QvjgRkvbokg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHRl3Kvfmbs6XQnJlxhp5Ds&google_cver=1&google_push=AQvitULl0aMKGAfZj-sbCLahClCmZrhwbem3I3FbIR6tMRWYHZqBAnfTjAho3HeWnuQHnKmGXE9tqNBYWNklU81QvjgRkvbokg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-dRn_0GQQ-Igdap5YKNtw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULl0aMKGAfZj-sbCLahClCmZrhwbem3I3FbIR6tMRWYHZqBAnfTjAho3HeWnuQHnKmGXE9tqNBYWNklU81QvjgRkvbokg

Request Chain 67

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1&google_push=AQvitULBkqyxnBTnecV3h7h8osNLxLwwGMfFCCpEhtA9nM4OmqJl_4wlS89QfV7N0Nj5PLU96DQzhCi7pT6c7Ujk8PwmQWpCFA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1&google_push=AQvitULBkqyxnBTnecV3h7h8osNLxLwwGMfFCCpEhtA9nM4OmqJl_4wlS89QfV7N0Nj5PLU96DQzhCi7pT6c7Ujk8PwmQWpCFA&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyOQAABIQAAAIB&google_push=AQvitULBkqyxnBTnecV3h7h8osNLxLwwGMfFCCpEhtA9nM4OmqJl_4wlS89QfV7N0Nj5PLU96DQzhCi7pT6c7Ujk8PwmQWpCFA&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1

Request Chain 75

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJ3dtBjsUtg5Mk4J012Bca7Df6IgA2zZEC0QTE_KTb5DxOq39vtx_Q_aS2mYE4puidGqpXsVOs7FgVEAnFBX995MpfaLF7V&google_gid=CAESEJsGMtvilQ8s-dm2qSu8IpI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJ3dtBjsUtg5Mk4J012Bca7Df6IgA2zZEC0QTE_KTb5DxOq39vtx_Q_aS2mYE4puidGqpXsVOs7FgVEAnFBX995MpfaLF7V&google_gid=CAESEJsGMtvilQ8s-dm2qSu8IpI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk2MjQ4Mzk0NjcyOTcwMQ%3D%3D&google_push=AQvitUJ3dtBjsUtg5Mk4J012Bca7Df6IgA2zZEC0QTE_KTb5DxOq39vtx_Q_aS2mYE4puidGqpXsVOs7FgVEAnFBX995MpfaLF7V

Request Chain 76

https://rtb.openx.net/sync/dds?google_gid=CAESEOq9hGyXDUyNJrYeKtjYNvc&google_cver=1&google_push=AQvitULAC3e_C-QN9b6Jbrx87MCZRF7rgru1Nyctuqb-eDaF9uYiwgg3O41wpPMg_l4D0d_-b3q8GC6-l_URzz8IAsl-2QEp5Afh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAC3e_C-QN9b6Jbrx87MCZRF7rgru1Nyctuqb-eDaF9uYiwgg3O41wpPMg_l4D0d_-b3q8GC6-l_URzz8IAsl-2QEp5Afh&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==

Request Chain 77

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOrOLp-VJaF59eMaNgyxf40&google_cver=1&google_push=AQvitUKgayuA68qPA0dNoGgfqV6F01uiseSMiznnytUqvKIfc9P5-ISt7K7AzcXZjSIPJkkDeoudoN2GU2errWn8pVdP8dcZD5Rj HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOrOLp-VJaF59eMaNgyxf40&google_cver=1&google_push=AQvitUKgayuA68qPA0dNoGgfqV6F01uiseSMiznnytUqvKIfc9P5-ISt7K7AzcXZjSIPJkkDeoudoN2GU2errWn8pVdP8dcZD5Rj&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lfx_4gjZTbC3ifVCSZPR2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKgayuA68qPA0dNoGgfqV6F01uiseSMiznnytUqvKIfc9P5-ISt7K7AzcXZjSIPJkkDeoudoN2GU2errWn8pVdP8dcZD5Rj

Request Chain 78

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI&google_cver=1&google_push=AQvitUL82n5aOSAWcZvBZA0JGOSqY0Jgoj-euEYtjlGoXGDtEVSQniNeOe4ZJrPLp8z-pVOLpU1mcygt0cq8-CYmkV8X63byj_7b HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI&google_cver=1&google_push=AQvitUL82n5aOSAWcZvBZA0JGOSqY0Jgoj-euEYtjlGoXGDtEVSQniNeOe4ZJrPLp8z-pVOLpU1mcygt0cq8-CYmkV8X63byj_7b&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyPgAABHAAAAIB&google_cver=1&google_push=AQvitUL82n5aOSAWcZvBZA0JGOSqY0Jgoj-euEYtjlGoXGDtEVSQniNeOe4ZJrPLp8z-pVOLpU1mcygt0cq8-CYmkV8X63byj_7b&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI

Request Chain 80

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENtkzZuQBkjZ92zhErdn-1c&google_cver=1&google_push=AQvitUIVxEc2FCbYjIeHB1JDbsWgmzET00A05Ho1dvyLznIkPTGGoq-9agCr0D8sHzFdNaRgdcBxcyM-FijPJa2rXDRbWn7jKcyB HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIVxEc2FCbYjIeHB1JDbsWgmzET00A05Ho1dvyLznIkPTGGoq-9agCr0D8sHzFdNaRgdcBxcyM-FijPJa2rXDRbWn7jKcyB&google_hm=

102 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
feryarya.com/ 53 KB
11 KB 772ms
518ms Document
text/html 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 056a705c42ec2de5b9ab7149aa0fa2694e41656deaf8c1c4ff28a422dc5e8ca4

Request headers

Host: feryarya.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
link: <https://feryarya.com/wp-json/>; rel="https://api.w.org/"
content-length: 11031
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Wed, 14 Apr 2021 20:05:56 GMT
server: LiteSpeed

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: feryarya.com
URL: http://feryarya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

764fce4e57ffe5d57dfb1cb47ff3aed29cfb557d61c01c26499ae6d82870fd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48482
x-xss-protection: 0
server: cafe
etag: 6346180602110889546
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 20:05:56 GMT

GET
H/1.1 200
OK style.css
feryarya.com/wp-includes/css/dist/block-library/ 63 KB
9 KB 276ms
275ms Stylesheet
text/css 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-includes/css/dist/block-library/style.css
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 9de915b8773f1be6b99448d8fbdb7c359f10b5a06f544181597b8523eca6278b

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Thu, 30 Apr 2020 04:04:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 9248
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK style.css
feryarya.com/wp-content/themes/mts_point_pro/ 55 KB
11 KB 295ms
293ms Stylesheet
text/css 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/style.css
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: ae112e8a176fdd2abe4f94b9f9bfebce7626e07bc1d57434381ca88f15282ff1

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 11374
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK font-awesome.min.css
feryarya.com/wp-content/themes/mts_point_pro/css/ 28 KB
7 KB 488ms
462ms Stylesheet
text/css 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/css/font-awesome.min.css
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 39043cb6354e318af6f4f37b70b1a057b485f6e367ad9b578901185cbfe8c06a

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6590
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK responsive.css
feryarya.com/wp-content/themes/mts_point_pro/css/ 12 KB
3 KB 489ms
463ms Stylesheet
text/css 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/css/responsive.css
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 2955ac81dc36521041b442def62dc446771c12d5b0d5a5f99df973e524138360

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2612
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK jquery.js Show response
feryarya.com/wp-includes/js/jquery/ 95 KB
33 KB 492ms
466ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-includes/js/jquery/jquery.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 09:30:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 33836
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK jquery-migrate.js Show response
feryarya.com/wp-includes/js/jquery/ 23 KB
8 KB 488ms
462ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-includes/js/jquery/jquery-migrate.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: dce50148adaff4dccd1d95c9b25563011436e398272d530e974193b8685340a2

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 09:30:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7812
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK customscript.js Show response
feryarya.com/wp-content/themes/mts_point_pro/js/ 7 KB
3 KB 197ms
197ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/js/customscript.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: d44842f6b841ee99244fa24f1f7bfc1f9d4949f9ce10cc9482604aabf6fe119c

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2220
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 752 B
883 B 19ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Droid+Sans:700|Droid+Sans:normal&subset=latin

Requested by

Host: feryarya.com
URL: http://feryarya.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b6f05ab9333e008cdd3168183413a77142093a239a1878449373600a5f87749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 20:05:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Apr 2021 20:05:56 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 14 Apr 2021 20:05:56 GMT

GET
H2 200 IMG_20201231_220031-220x162.jpg
feryarya.com/wp-content/uploads/2020/12/ 8 KB
8 KB 739ms
353ms Image
image/jpeg 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2020/12/IMG_20201231_220031-220x162.jpg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 5a92f5825405f86c0e8905c0b9e64ba965bd45763bc79c7a3943f4e5a542dd45

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
last-modified: Thu, 31 Dec 2020 15:04:07 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7971
expires: Wed, 21 Apr 2021 20:05:58 GMT

GET
H2 200 IMG_20201230_123657-220x162.jpg
feryarya.com/wp-content/uploads/2020/12/ 10 KB
10 KB 750ms
363ms Image
image/jpeg 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2020/12/IMG_20201230_123657-220x162.jpg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 7b89e7248d75bd8f4cd7f8188fa52a57f1c84ad260d255fc236f07ed0fdb8b71

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
last-modified: Wed, 30 Dec 2020 05:38:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10288
expires: Wed, 21 Apr 2021 20:05:58 GMT

GET
H/1.1 200
OK nothumb-pointpro-featured.png
feryarya.com/wp-content/themes/mts_point_pro/images/ 1 KB
1 KB 200ms
197ms Image
image/png 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/images/nothumb-pointpro-featured.png
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: d9ee84e53ddbff33f8b4b8645b7c7e54678431da5748643deaebcf320321fcfa

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1052
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H2 404 FB_IMG_1544707913955-1-225x300.jpg
feryarya.com/wp-content/uploads/2018/12/ 0
0 909ms
523ms Image
text/html 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2018/12/FB_IMG_1544707913955-1-225x300.jpg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 WhatsApp-Image-2018-02-25-at-15.41.13-1-300x225.jpeg
feryarya.com/wp-content/uploads/2018/02/ 0
0 815ms
429ms Image
text/html 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2018/02/WhatsApp-Image-2018-02-25-at-15.41.13-1-300x225.jpeg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 WhatsApp-Image-2018-02-10-at-17.21.40-1-300x169.jpeg
feryarya.com/wp-content/uploads/2018/02/ 0
0 905ms
519ms Image
text/html 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2018/02/WhatsApp-Image-2018-02-10-at-17.21.40-1-300x169.jpeg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 IMG_20201231_220031-140x130.jpg
feryarya.com/wp-content/uploads/2020/12/ 5 KB
6 KB 576ms
191ms Image
image/jpeg 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2020/12/IMG_20201231_220031-140x130.jpg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 8242bd8351adbdc5705544e2874b8acc124194c943ac510f8bcf7483d23861be

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
last-modified: Thu, 31 Dec 2020 15:04:07 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5441
expires: Wed, 21 Apr 2021 20:05:58 GMT

GET
H2 200 IMG_20201230_123657-140x130.jpg
feryarya.com/wp-content/uploads/2020/12/ 6 KB
6 KB 363ms
362ms Image
image/jpeg 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://feryarya.com/wp-content/uploads/2020/12/IMG_20201230_123657-140x130.jpg
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 084d0930e71428b856005ed0738c19a61c581eb17b8a0a111a3d197d814b2074

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
last-modified: Wed, 30 Dec 2020 05:38:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6037
expires: Wed, 21 Apr 2021 20:05:58 GMT

GET
H/1.1 200
OK nothumb-pointpro-carousel.png
feryarya.com/wp-content/themes/mts_point_pro/images/ 836 B
1 KB 193ms
191ms Image
image/png 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/images/nothumb-pointpro-carousel.png
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: fb50d59f5c8b789d5791060ef5ad36648016d08486c986c6980a56c1dd65744d

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 836
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK wp-embed.js Show response
feryarya.com/wp-includes/js/ 3 KB
2 KB 196ms
196ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-includes/js/wp-embed.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 09:30:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1263
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK jquery.webticker.js Show response
feryarya.com/wp-content/themes/mts_point_pro/js/ 11 KB
4 KB 206ms
206ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/js/jquery.webticker.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 70957bca35655d46737fd87b36135d51b6bd77020ddc93bccf418aee30d2510e

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3343
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK twemoji.js Show response
feryarya.com/wp-includes/js/ 27 KB
8 KB 199ms
198ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-includes/js/twemoji.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: fd503ca2cb350bd8ecec266730289fd8a519faffe250b976f7963dc10bfd829c

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 09:30:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7877
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK wp-emoji.js Show response
feryarya.com/wp-includes/js/ 9 KB
4 KB 191ms
191ms Script
application/javascript 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-includes/js/wp-emoji.js
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
last-modified: Wed, 01 Apr 2020 11:39:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3438
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/ 222 KB
83 KB 52ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1685891029929825&plah=feryarya.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84808
x-xss-protection: 0
server: cafe
etag: 12939789125640300468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK nobg.png
feryarya.com/wp-content/themes/mts_point_pro/images/ 68 B
409 B 193ms
193ms Image
image/png 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/images/nobg.png
Requested by: Host: feryarya.com
URL: http://feryarya.com/
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 68
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H/1.1 200
OK SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans:700|Droid+Sans:normal&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://feryarya.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 02:03:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 01:56:42 GMT
Server: sffe
Age: 583365
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 21232
X-XSS-Protection: 0
Expires: Fri, 08 Apr 2022 02:03:12 GMT

GET
H/1.1 200
OK SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Droid+Sans:700|Droid+Sans:normal&subset=latin

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://feryarya.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 02:03:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Feb 2020 02:52:18 GMT
Server: sffe
Age: 583365
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 22340
X-XSS-Protection: 0
Expires: Fri, 08 Apr 2022 02:03:12 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
feryarya.com/wp-content/themes/mts_point_pro/fonts/ 70 KB
71 KB 194ms
193ms Font
font/woff2 5.181.216.92
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: http://feryarya.com/wp-content/themes/mts_point_pro/fonts/fontawesome-webfont.woff2
Requested by: Host: feryarya.com
URL: http://feryarya.com/wp-content/themes/mts_point_pro/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 5.181.216.92 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS: srv105.niagahoster.com
Software: LiteSpeed /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: http://feryarya.com
Referer: http://feryarya.com/wp-content/themes/mts_point_pro/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
last-modified: Wed, 09 Sep 2020 03:39:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 71896
expires: Wed, 21 Apr 2021 20:05:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/ Frame F760 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210412/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://feryarya.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://feryarya.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 14 Apr 2021 17:54:56 GMT
expires: Wed, 28 Apr 2021 17:54:56 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 7861
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
643 B 190ms
82ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=feryarya.com&callback=_gfp_s_&client=ca-pub-1685891029929825

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1685891029929825&plah=feryarya.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e07d2a479d7351305193bacf0ad8cb2cdaec14ba6b112e74f48e1ff752d749c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 38ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=feryarya.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=feryarya.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F6BF 14 KB
1 KB 85ms
85ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&adk=318159125&adf=2184669829&lmt=1618430757&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fferyarya.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1618430756961&bpp=631&bdt=81&idt=691&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6328278699874&frm=20&pv=2&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=711

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874a99a1045da76c96efc7024aad44aec8759b9bc1e9005b2f5c840d82c59037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1685891029929825&output=html&adk=318159125&adf=2184669829&lmt=1618430757&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fferyarya.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1618430756961&bpp=631&bdt=81&idt=691&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6328278699874&frm=20&pv=2&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=711
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://feryarya.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://feryarya.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Apr 2021 20:05:57 GMT
server: cafe
content-length: 1104
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 14-Apr-2021 20:20:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 20:05:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 14 Apr 2021 20:05:57 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 42ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=feryarya.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=feryarya.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 20:05:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1680 77 KB
26 KB 473ms
472ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04dd0ab3e5724e28f23d12fd5e16448a307d12c192b5dc9e0c960eecd13e6ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://feryarya.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://feryarya.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Apr 2021 20:05:58 GMT
server: cafe
content-length: 26720
x-xss-protection: 0
set-cookie: IDE=AHWqTUnMW2r_Y6YKjpaX7Wky-0D_S4E4PswNQYiuGXNHWYB1wBFedvop-vMPcVgyVJg; expires=Mon, 09-May-2022 20:05:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 20:05:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87B8 61 KB
24 KB 528ms
528ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3418264983&adf=2224009096&pi=t.aa~a.2322468633~rp.1&w=922&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=922x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=1&bdt=906&idt=1&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=3&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=347&ady=3058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VQXNjrIIDV&p=http%3A//feryarya.com&dtd=19

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

996ebe8965544dcf082d2aa58a476e5e406b297afe391522e4961162bf418100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3418264983&adf=2224009096&pi=t.aa~a.2322468633~rp.1&w=922&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=922x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=1&bdt=906&idt=1&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=3&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=347&ady=3058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VQXNjrIIDV&p=http%3A//feryarya.com&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://feryarya.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://feryarya.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 14 Apr 2021 20:05:58 GMT
server: cafe
content-length: 24652
x-xss-protection: 0
set-cookie: IDE=AHWqTUk_miuy_j1bWE9AfmAe7FP5aMk8Lk6td7zfHSqeJ_t7qUzy6fmoy5IncYtWwiw; expires=Mon, 09-May-2022 20:05:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Apr 2021 20:05:58 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 1680 3 KB
1 KB 32ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 18:36:04 GMT
server: ESF
date: Wed, 14 Apr 2021 20:05:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 20:05:58 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 1680 1 KB
989 B 35ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 20:04:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/ Frame 1680 17 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17366458733339412862
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 19:58:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 1680 2 KB
1 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 20:05:27 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1680 118 KB
36 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 20:05:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 1680 13 KB
6 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 20:03:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1680 0
0 37ms
17ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9BiXGF9mTIAascJEw3StzycEOGUE0ZbAd3t9Pyk3S_WsbeiGi6dTUbsF-Xn3JmUPziX0HftzyD_VANN8dFak0QOPorA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 1680 25 KB
11 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 09:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 36717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Tue, 13 Jul 2021 09:54:01 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/325661028999176873/ Frame 1680 10 KB
11 KB 27ms
12ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/325661028999176873/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd576f3d728d4314cc39de21fa7a6cf986ce6f61662840eb0c5a028b24c24036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:21:44 GMT
x-content-type-options: nosniff
age: 549854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10646
x-xss-protection: 0
last-modified: Fri, 10 May 2019 11:11:18 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 11:21:44 GMT

GET
DATA 200
OK truncated
/ Frame 1680 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1680 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzOqWJUt3YOTzMdry3wOq9a_oBqGyq51gpMjz2q8KtZnZgIsaEAEgqsjiS2CVAqAB8vX88gPIAQmpAg4YtyasE7Q-qAMByAPLBKoEtAFP0Nu2TTZqaQOvBIa86-A0pwB9yw1b67XXO6NVC-Kwg0ZlGo86D9zyz5oQJGI1H96TRVW5iZbX70-fJLvRZFs6aYtBbJ1X5GtoXnurCzVihFVkAO9NRiYY1a0W17ClGLXppj5cWnAUOU_etXSX8r3-StizPSFAbHMmIF3Xxm2PfRtqg9z2TIl5-A9aaNgYvqj9bezTSmzut41FhzH5ygQet9Xc90-g0KYw1rEIxA7OarckFhnABOy9jcnEApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf2iYMNqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKK3J9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFASyFxoKGAgAEhRwdWItMTY4NTg5MTAyOTkyOTgyNQ&sigh=vTzL3zeN1g8&template_id=5000

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 14 Apr 2021 20:05:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7900 1 KB
835 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 14 Apr 2021 03:14:09 GMT
expires: Thu, 15 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 60709
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1680 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7687362e794baa7e5c3a4589e137415d805eb674d157cf3aa0b482c827ec5527

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1680 21 KB
22 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 295340
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1680 21 KB
21 KB 28ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 583376
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6AB9 0
0 189ms
89ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttefRr2NDbr1z1znV-U1TXn2pW1lwI_RTsSliTAgmSOlRQ5vj4QlePQINjDkmPYsIA8CoJd9sE53VSmAZ7uAXjViZYgOUW_JQ82yzS2-7CPzH2cDEVwBz6_QiY-i1L7ykBE7TpvrW0Tt29f5ZnbXtGfiRTNv2dKKt9JksOwzA1-cTXBieAWf-b4SRx_EV6Co9sOrO1CiB8VotNIpxyQ3r_FruQwhS_XhLKeSdesq99WymlXZkWXPFvMoGhPYh8RuyV3n6O66gs3I4h1sC5_VsgKJfHtwiP1LRsJPd4abYoENh8NVT1wLb8-4oB3HRnHfN2wRNNWlRoW6JVd4RQOgT9A34F98-hEZm6Nv61TPdnwF5TmfE-9m6bEzmDU0On_DWZqNgJ4NU-9-DNuV_XXoKO5GxUedgzcUj5FdZ15FzTsm0aGvHkl5EJEueSUkyk185UWrcVrvRLw19i8mjLMxzjI8v6XJTwkT6f7k_jV6zDZnXcmJkpbvKtfvKQ-zV0JfTLwth4RHnHiWHOz-NsfJ3NjnHj4cM6KudhzOMq_k6QogzMOsSo7HakYUu9WUszjv-MbejwSiJ4FCYx8ieU5NW2zVgcyr20Ci-ZIiYX17XNIKAfQxFoLMzDOf17VNtzWH1GEJIUV6YOXFf2u9KBy16HPM0BQ8H9HX_6dMjlV2QTSo-zj3kMqeHVj5oZYVC00YlpLzxvz9nPOSEXXAXbCuSCqx4_I4WPth5q1rVpYXFw3R5avz9zNYEQNVvzByCgc9Yg1K_LJBReLQQEGVf083_iaX8tqUbo1aNvgGgK5CM1BnCRAw4alzXInf5lPeoivwNRMMjmxkPRggPBMgLAbalCZ4gUizfaxC6HVEQhTOZH7ozCfBISx_omLHoLKl5qBcnDGc14kzPmJzPln4ixslHNu98mbsNpoWh8tU9biIl1NWrue5k&sig=Cg0ArKJSzNCgmYR011oKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: feryarya.com
URL: http://feryarya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 14 Apr 2021 20:05:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 6AB9 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: feryarya.com
URL: http://feryarya.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2425
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:25:33 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6AB9 41 KB
15 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: feryarya.com
URL: http://feryarya.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 17:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10808
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 17:05:50 GMT

GET
H3-Q050 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 6AB9 30 KB
12 KB 36ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3418264983&adf=2224009096&pi=t.aa~a.2322468633~rp.1&w=922&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=922x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=1&bdt=906&idt=1&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=3&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=347&ady=3058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VQXNjrIIDV&p=http%3A//feryarya.com&dtd=19

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12020
x-xss-protection: 0
server: cafe
etag: 7010355083530940861
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 20:03:01 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 6AB9 2 KB
2 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 20:05:27 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AB9 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 20:05:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 6AB9 13 KB
6 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 20:03:52 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6AB9 0
0 44ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJ7iRC8P6Er0vsCKXd0MaxrvB6jfR2ZpB6NY501ImiGbGClyHqeI20e4hMJWeePCdbodqXivjD8OhJu-rThjTuMVIn4w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3418264983&adf=2224009096&pi=t.aa~a.2322468633~rp.1&w=922&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=922x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=1&bdt=906&idt=1&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=3&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=347&ady=3058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VQXNjrIIDV&p=http%3A//feryarya.com&dtd=19
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/ Frame 6AB9 17 KB
7 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17366458733339412862
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 19:58:13 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7900 35 B
464 B 31ms
13ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOKzmXY3K5aET_vQcfZ2ol4&google_cver=1&google_push=AQvitUJCMZD4P4pOV_cE2VcMaqM_aIOkWl9Nn-rnQwweiwJxC3ubIjXWzYYM3mn_5_bFuqFlvWE8QfY383YanDe1It-sxg3PRX8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 7900
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJYN7102mvz6KvnauXfqRDwJG7QiP76OcqInNvcUmzT3c83WUbVY8Fncyjgv5bVWT9FmcExrHxur2AEXu8ZhROmDyFUcLE&google_gid=CAESEMV67Cumy___3PW3Oz-fizg&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKaW3YMGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUXZpdFVKWU43MTAybXZ6Nkt2bmF1WGZxUkR3Skc3UWlQNzZPY3FJbk52Y1VtelQzYzgzV1ViVlk4Rm5jeWpndjViVldUOUZtY0V4ckh4dXIyQUVYdT...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwemMxbTRLQ2RIUWJ2QUoxT2hSMXdqRUZtZ1hmU3k4QUdLdm9FaktQR05qYw==&google_push

170 B
190 B

89ms
76ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwemMxbTRLQ2RIUWJ2QUoxT2hSMXdqRUZtZ1hmU3k4QUdLdm9FaktQR05qYw==&google_push

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 14 Apr 2021 20:05:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwemMxbTRLQ2RIUWJ2QUoxT2hSMXdqRUZtZ1hmU3k4QUdLdm9FaktQR05qYw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 7900
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULtcfA8...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitULtcfA8...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk0NTM2MDM0MjMwNDU3OQ%3D%3D&google_push=AQvitULtcfA8sW42gPFc4AsogrHjwcqTBU-Fa_YwAm4wPpm5607AprsD3P4MQpkWWZ7vkU...

170 B
213 B

59ms
59ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk0NTM2MDM0MjMwNDU3OQ%3D%3D&google_push=AQvitULtcfA8sW42gPFc4AsogrHjwcqTBU-Fa_YwAm4wPpm5607AprsD3P4MQpkWWZ7vkUOJnK7u3fGMRYX0Xd8vZVZ-oOg0Xus

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk0NTM2MDM0MjMwNDU3OQ%3D%3D&google_push=AQvitULtcfA8sW42gPFc4AsogrHjwcqTBU-Fa_YwAm4wPpm5607AprsD3P4MQpkWWZ7vkUOJnK7u3fGMRYX0Xd8vZVZ-oOg0Xus
Pragma: no-cache
Date: Wed, 14 Apr 2021 20:05:59 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 7900 43 B
324 B 163ms
59ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENPppp6zU2JWkA_jUDnlK5g&google_push=AQvitULP2EpTOBA24kG0R3G_h-ElziNC0RDNgNtPHeuHNRLrNFU_72IeZLbO6eOgyUL2kt4URjEoKJQ-aqP4lKXn4tmhagv3IQ0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3493829638&adf=2924016242&pi=t.aa~a.3881340747~rp.1&w=980&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=980x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=3&bdt=907&idt=-M&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AQidiQ9uPG&p=http%3A//feryarya.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 7900
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELsjll1o7vbRYqetQnfnAyM&google_cver=1&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw
https://rtb.openx.net/sync/dds?google_gid=CAESELsjll1o7vbRYqetQnfnAyM&google_cver=1&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw&ox...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==

170 B
287 B

86ms
74ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJMOrpF-6Grl-7pxNXdCc9ORBf68KTDU0j84rUU5zAI_dIgW9snoVz8TgEOtfQ_hNhQ6PPHCbGkT_XFAvwqoW_7fTOjjw&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: mig9fnd0e7q9432270pa6r58stcgh3ps

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 7900
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-dRn_0GQQ-Igdap5YKNtw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

59ms
59ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-dRn_0GQQ-Igdap5YKNtw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULl0aMKGAfZj-sbCLahClCmZrhwbem3I3FbIR6tMRWYHZqBAnfTjAho3HeWnuQHnKmGXE9tqNBYWNklU81QvjgRkvbokg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K-dRn_0GQQ-Igdap5YKNtw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULl0aMKGAfZj-sbCLahClCmZrhwbem3I3FbIR6tMRWYHZqBAnfTjAho3HeWnuQHnKmGXE9tqNBYWNklU81QvjgRkvbokg
Date: Wed, 14 Apr 2021 20:05:58 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 7900
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyOQAABIQAAAIB&google_push=AQvitULBkqyxnBTnecV3h7h8osNLxLwwGMfFCCpEhtA9nM4OmqJl_4wlS89QfV7N0Nj5PLU96DQzhCi7pT6c7Ujk8P...

170 B
190 B

61ms
60ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyOQAABIQAAAIB&google_push=AQvitULBkqyxnBTnecV3h7h8osNLxLwwGMfFCCpEhtA9nM4OmqJl_4wlS89QfV7N0Nj5PLU96DQzhCi7pT6c7Ujk8PwmQWpCFA&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:05:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyOQAABIQAAAIB&google_push=AQvitULBkqyxnBTnecV3h7h8osNLxLwwGMfFCCpEhtA9nM4OmqJl_4wlS89QfV7N0Nj5PLU96DQzhCi7pT6c7Ujk8PwmQWpCFA&google_gid=CAESEMDSbCQILtPJ30Eu7GR98nA&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Wed, 14 Apr 2021 20:05:58 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7900 0
236 B 169ms
57ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbrFN_chYt6Bep4AaH55A08czudrdw6JeuAh75XL9yE6mHcQNe1W8W04pCNG1m8wQmiXdY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F9C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 3630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0F20 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 14 Apr 2021 03:14:09 GMT
expires: Thu, 15 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 60709
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6AB9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3732edceb5fcc3ad4928d1a1a536524c99e933f7a9624cf34d33779e0200e6e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DACD 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 14 Apr 2021 17:06:29 GMT
expires: Thu, 14 Apr 2022 17:06:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10769
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html Show response
s0.2mdn.net/6418128/1617814958816/ Frame 977B 4 KB
2 KB 34ms
20ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924c4a89295112cc9bdd0fe61b8da36e260eb0dbc88f8102c8d7e907299629d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1427
date: Wed, 14 Apr 2021 18:29:13 GMT
expires: Thu, 15 Apr 2021 18:29:13 GMT
last-modified: Wed, 07 Apr 2021 17:02:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 5805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0F20 35 B
210 B 11ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELBjoT24k4SwlUPH4Q3cT4M&google_cver=1&google_push=AQvitUJbrLoqnSpk8cxEJRpEpKOETpeAoeY0LklPsdXbJTbZWX3XOlZo0AIbigt_s7EDzXcN7-qOD7CrAcPwGLYNhw76XLi3cA-e

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0F20
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJ3dtBj...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJ3dtBj...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk2MjQ4Mzk0NjcyOTcwMQ%3D%3D&google_push=AQvitUJ3dtBjsUtg5Mk4J012Bca7Df6IgA2zZEC0QTE_KTb5DxOq39vtx_Q_aS2mYE4pui...

170 B
190 B

58ms
58ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk2MjQ4Mzk0NjcyOTcwMQ%3D%3D&google_push=AQvitUJ3dtBjsUtg5Mk4J012Bca7Df6IgA2zZEC0QTE_KTb5DxOq39vtx_Q_aS2mYE4puidGqpXsVOs7FgVEAnFBX995MpfaLF7V

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTQyMDA1NTk2MjQ4Mzk0NjcyOTcwMQ%3D%3D&google_push=AQvitUJ3dtBjsUtg5Mk4J012Bca7Df6IgA2zZEC0QTE_KTb5DxOq39vtx_Q_aS2mYE4puidGqpXsVOs7FgVEAnFBX995MpfaLF7V
Pragma: no-cache
Date: Wed, 14 Apr 2021 20:05:59 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0F20
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEOq9hGyXDUyNJrYeKtjYNvc&google_cver=1&google_push=AQvitULAC3e_C-QN9b6Jbrx87MCZRF7rgru1Nyctuqb-eDaF9uYiwgg3O41wpPMg_l4D0d_-b3q8GC6-l_URzz8IAsl-2QEp5Afh
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAC3e_C-QN9b6Jbrx87MCZRF7rgru1Nyctuqb-eDaF9uYiwgg3O41wpPMg_l4D0d_-b3q8GC6-l_URzz8IAsl-2QEp5Afh&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==

170 B
190 B

70ms
70ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAC3e_C-QN9b6Jbrx87MCZRF7rgru1Nyctuqb-eDaF9uYiwgg3O41wpPMg_l4D0d_-b3q8GC6-l_URzz8IAsl-2QEp5Afh&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitULAC3e_C-QN9b6Jbrx87MCZRF7rgru1Nyctuqb-eDaF9uYiwgg3O41wpPMg_l4D0d_-b3q8GC6-l_URzz8IAsl-2QEp5Afh&google_hm=tQE-_1wtxU0PEYfZgZt1Ig==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: j27m4l9c4jtirg0rvrgnor1pme2l0ed3

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0F20
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lfx_4gjZTbC3ifVCSZPR2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

59ms
59ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lfx_4gjZTbC3ifVCSZPR2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKgayuA68qPA0dNoGgfqV6F01uiseSMiznnytUqvKIfc9P5-ISt7K7AzcXZjSIPJkkDeoudoN2GU2errWn8pVdP8dcZD5Rj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lfx_4gjZTbC3ifVCSZPR2A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKgayuA68qPA0dNoGgfqV6F01uiseSMiznnytUqvKIfc9P5-ISt7K7AzcXZjSIPJkkDeoudoN2GU2errWn8pVdP8dcZD5Rj
Date: Wed, 14 Apr 2021 20:05:58 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0F20
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyPgAABHAAAAIB&google_cver=1&google_push=AQvitUL82n5aOSAWcZvBZA0JGOSqY0Jgoj-euEYtjlGoXGDtEVSQniNeOe4ZJrPLp8z-pVOLpU1m...

170 B
190 B

59ms
59ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyPgAABHAAAAIB&google_cver=1&google_push=AQvitUL82n5aOSAWcZvBZA0JGOSqY0Jgoj-euEYtjlGoXGDtEVSQniNeOe4ZJrPLp8z-pVOLpU1mcygt0cq8-CYmkV8X63byj_7b&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 20:05:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHdLJmU9YH7vtfqCDnMyPgAABHAAAAIB&google_cver=1&google_push=AQvitUL82n5aOSAWcZvBZA0JGOSqY0Jgoj-euEYtjlGoXGDtEVSQniNeOe4ZJrPLp8z-pVOLpU1mcygt0cq8-CYmkV8X63byj_7b&google_gid=CAESEHMWg1ZwX0NFWmgS5ezMiYI
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Wed, 14 Apr 2021 20:05:58 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 0F20 43 B
295 B 63ms
18ms Image
image/gif 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBrJ4dckh3Oj4lx2Unc4g3k&google_cver=1&google_push=AQvitULlNpzOFgj1xXgwlZTcEG_IqpHsMLlAnuyBXX-CeAACzXTME7J5Mx4ndLD6t_zo7gElCuw_hrC_d27B4i-4k6RkpjYQIdU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1685891029929825&output=html&h=280&adk=3418264983&adf=2224009096&pi=t.aa~a.2322468633~rp.1&w=922&fwrn=4&fwrnh=100&lmt=1618430757&rafmt=1&to=qs&pwprc=4058663626&psa=0&format=922x280&url=http%3A%2F%2Fferyarya.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618430757787&bpp=1&bdt=906&idt=1&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=3&correlator=6328278699874&frm=20&pv=1&ga_vid=1185894145.1618430758&ga_sid=1618430758&ga_hid=1445900754&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=347&ady=3058&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739525%2C44740079&oid=2&pvsid=275304273526225&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VQXNjrIIDV&p=http%3A//feryarya.com&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 0F20
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENtkzZuQBkjZ92zhErdn-1c&google_cver=1&google_push=AQvitUIVxEc2FCbYjIeHB1JD...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIVxEc2FCbYjIeHB1JDbsWgmzET00A05Ho1dvyLznIkPTGGoq-9agCr0D8sHzFdNaRgdcBxcyM-FijPJa2rXDRbWn7jKcyB&google_hm=

170 B
190 B

59ms
59ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIVxEc2FCbYjIeHB1JDbsWgmzET00A05Ho1dvyLznIkPTGGoq-9agCr0D8sHzFdNaRgdcBxcyM-FijPJa2rXDRbWn7jKcyB&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUIVxEc2FCbYjIeHB1JDbsWgmzET00A05Ho1dvyLznIkPTGGoq-9agCr0D8sHzFdNaRgdcBxcyM-FijPJa2rXDRbWn7jKcyB&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 13 Apr 2021 20:05:58 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 0F20 0
223 B 129ms
72ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZTrYBeI08MWfp90C5PJlLfbdwm0PByI2aCgdPQArX5lvnYIEz4jboKZURW5Yjyj-Zl4HOCg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame DACD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 3630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210412&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2229584ea1b8c9c90f5fca2cb1822f113058eb5fa6e8e8a3131fbcee9633a0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 6AB9 54 KB
21 KB 142ms
44ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1470
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20914
x-xss-protection: 0
server: cafe
etag: 9171160076714409937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Apr 2021 20:41:28 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 14 Apr 2021 20:05:58 GMT

GET
H2 200 606de563b3521e8b1b19f4f5 Show response
c.bannerflow.net/a/ Frame 977B 54 KB
18 KB 54ms
37ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvVRNzS1xhNxrNAugBI9cBconmZU-P-YkhIVt5VcoYJth-X8xWeRFMba-CsNldiZfwNTc2K5WU1dhMe7f_8xUXZHyHXXbJrGE_BZnzgt8LtQYfl58iMSuDkJP-1nTEEzUq65jo7qFe-fpaBEWWHQ9GplZBUGa4zU-wDii1VCjsEjLqblOawi4GTwe-pJLZK-NTnZwyL-bIXUeYbQgrJGP9tZ01vTXbwMSNGWIIu_xxME6XlwlqNBkhQU4EZiSPQbKmNVhy-M3lCcUA4QHJfW1Pf2y9DN3fDCkjhN9bFrERzl8vgm80vV7tqxtWUUlfBOSnzgd9WVqt_MREAclKEENEAF9OYdGIuEmRELvY-eIckDcuwFv2zJrv8lVVFZbLzdM-ZIVwNN_n7dAPIgQ9Gj-TBJiV-vHTwzVIXtwym5-axLhbbBTZw_89BJHVsCSJGLbss2boI_c-h5XhW1ksg6LiBeOBgHqdnI0Sey94lEkRMegiHBhWhMe9vOMhA9diTgJyUjoztZ7aBMfdulKMifTWOufjAptGqcIV5mGW8WDPiBRTZD_WIMc7Le3W96kHMvYA_NXWog57XKx2yKSBBdm5_KfhR7xSFJ36J2fSuiZJqML2Q4mpsHmTPXNlxpR1xh1KU3SfdlsjgsrUmQBsqHM0oGMOGZwHD0crvlMf3i4tranjinLTOcK8alNAng-MbAd8UF4Qr8FR5B20tdE6dp9eoz30tLHzZ6ihvFeULFpCedJ9r7OHCl6G82EIOS7h_AzS658yZRX9ttwQiKcIN6eBG5D_CK9fNnNFo5iHC1fJCmW87N_l2KnObVX7UoNQaMgNBR9FskGLVR7Mix63fcrNsItLVqAXm6Js7WZGGXPyu8fhetStBJURlFm_KxsJ_VZGVJRHrKeMVvdqXDhynt7CDy2rZXYTlROeqBg%26sig%3DCg0ArKJSzP5fjxmAHDwQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a82d97615d04a1544f08daa422336c057a64fac95d515584eac98e15b00541

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 63ff8d523ab02bd6-FRA
link: <https://c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/preload.jpg>; rel=preload; as=image
cf-request-id: 097396a76000002bd6c9b72000000001
request-context: appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E336 12 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://feryarya.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://feryarya.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 14 Apr 2021 19:56:00 GMT
expires: Thu, 14 Apr 2022 19:56:00 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 598
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/ Frame 977B 15 KB
15 KB 19ms
18ms Image
image/jpeg 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/preload.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b9ca40006f602db21d8c8d3b5a7ebef00530a16af0f6744dc578141f2c11f7c

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Apr 2021 20:05:58 GMT
cf-cache-status: HIT
age: 615540
content-length: 15269
cf-request-id: 097396a79200002bd6e59f6000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 17:01:43 GMT
server: cloudflare
etag: 0x8D8F9E6D20377D4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 41acf350-901e-004f-76d0-2b9c72000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63ff8d528b872bd6-FRA
cf-bgj: h2pri

GET
H2 200 document.4b5a4c912f.js Show response
c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/ Frame 977B 86 KB
10 KB 22ms
21ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/cmc-markets/560bd8d24d47fc28fc84259d/published/584414/751040/document.4b5a4c912f.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvVRNzS1xhNxrNAugBI9cBconmZU-P-YkhIVt5VcoYJth-X8xWeRFMba-CsNldiZfwNTc2K5WU1dhMe7f_8xUXZHyHXXbJrGE_BZnzgt8LtQYfl58iMSuDkJP-1nTEEzUq65jo7qFe-fpaBEWWHQ9GplZBUGa4zU-wDii1VCjsEjLqblOawi4GTwe-pJLZK-NTnZwyL-bIXUeYbQgrJGP9tZ01vTXbwMSNGWIIu_xxME6XlwlqNBkhQU4EZiSPQbKmNVhy-M3lCcUA4QHJfW1Pf2y9DN3fDCkjhN9bFrERzl8vgm80vV7tqxtWUUlfBOSnzgd9WVqt_MREAclKEENEAF9OYdGIuEmRELvY-eIckDcuwFv2zJrv8lVVFZbLzdM-ZIVwNN_n7dAPIgQ9Gj-TBJiV-vHTwzVIXtwym5-axLhbbBTZw_89BJHVsCSJGLbss2boI_c-h5XhW1ksg6LiBeOBgHqdnI0Sey94lEkRMegiHBhWhMe9vOMhA9diTgJyUjoztZ7aBMfdulKMifTWOufjAptGqcIV5mGW8WDPiBRTZD_WIMc7Le3W96kHMvYA_NXWog57XKx2yKSBBdm5_KfhR7xSFJ36J2fSuiZJqML2Q4mpsHmTPXNlxpR1xh1KU3SfdlsjgsrUmQBsqHM0oGMOGZwHD0crvlMf3i4tranjinLTOcK8alNAng-MbAd8UF4Qr8FR5B20tdE6dp9eoz30tLHzZ6ihvFeULFpCedJ9r7OHCl6G82EIOS7h_AzS658yZRX9ttwQiKcIN6eBG5D_CK9fNnNFo5iHC1fJCmW87N_l2KnObVX7UoNQaMgNBR9FskGLVR7Mix63fcrNsItLVqAXm6Js7WZGGXPyu8fhetStBJURlFm_KxsJ_VZGVJRHrKeMVvdqXDhynt7CDy2rZXYTlROeqBg%26sig%3DCg0ArKJSzP5fjxmAHDwQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6068bc400d961927d7312dbdaa75895571d4c1cca9b17d4224a1318777bdfbbb

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: S1pMkS9iH2acYeEx44SzIA==
age: 615538
cf-polished: origSize=97167
cf-request-id: 097396a7ad00002bd6121a9000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 17:01:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e62e7cc7-d01e-0013-71d0-2bc92a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 63ff8d52ac072bd6-FRA
cf-bgj: minify

GET
H2 200 animated-creative.d2b931beb0c8e53510f4.js Show response
c.bannerflow.net/scripts/ Frame 977B 126 KB
39 KB 23ms
23ms Script
application/javascript 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.d2b931beb0c8e53510f4.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvVRNzS1xhNxrNAugBI9cBconmZU-P-YkhIVt5VcoYJth-X8xWeRFMba-CsNldiZfwNTc2K5WU1dhMe7f_8xUXZHyHXXbJrGE_BZnzgt8LtQYfl58iMSuDkJP-1nTEEzUq65jo7qFe-fpaBEWWHQ9GplZBUGa4zU-wDii1VCjsEjLqblOawi4GTwe-pJLZK-NTnZwyL-bIXUeYbQgrJGP9tZ01vTXbwMSNGWIIu_xxME6XlwlqNBkhQU4EZiSPQbKmNVhy-M3lCcUA4QHJfW1Pf2y9DN3fDCkjhN9bFrERzl8vgm80vV7tqxtWUUlfBOSnzgd9WVqt_MREAclKEENEAF9OYdGIuEmRELvY-eIckDcuwFv2zJrv8lVVFZbLzdM-ZIVwNN_n7dAPIgQ9Gj-TBJiV-vHTwzVIXtwym5-axLhbbBTZw_89BJHVsCSJGLbss2boI_c-h5XhW1ksg6LiBeOBgHqdnI0Sey94lEkRMegiHBhWhMe9vOMhA9diTgJyUjoztZ7aBMfdulKMifTWOufjAptGqcIV5mGW8WDPiBRTZD_WIMc7Le3W96kHMvYA_NXWog57XKx2yKSBBdm5_KfhR7xSFJ36J2fSuiZJqML2Q4mpsHmTPXNlxpR1xh1KU3SfdlsjgsrUmQBsqHM0oGMOGZwHD0crvlMf3i4tranjinLTOcK8alNAng-MbAd8UF4Qr8FR5B20tdE6dp9eoz30tLHzZ6ihvFeULFpCedJ9r7OHCl6G82EIOS7h_AzS658yZRX9ttwQiKcIN6eBG5D_CK9fNnNFo5iHC1fJCmW87N_l2KnObVX7UoNQaMgNBR9FskGLVR7Mix63fcrNsItLVqAXm6Js7WZGGXPyu8fhetStBJURlFm_KxsJ_VZGVJRHrKeMVvdqXDhynt7CDy2rZXYTlROeqBg%26sig%3DCg0ArKJSzP5fjxmAHDwQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 14 Apr 2021 20:05:58 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: x/M5KPZN780/Go5GcYCOHQ==
age: 629603
cf-polished: origSize=129416
cf-request-id: 097396a7ae00002bd6b1bd6000000001
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 11:56:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b4893ac2-101e-007e-4eaf-2b7d61000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2009-09-19
cf-ray: 63ff8d52ac0b2bd6-FRA
cf-bgj: minify

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame E336 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 3630
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6AB9 0
331 B 83ms
27ms Other
image/gif 2a00:1450:400b:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~knhvvxto&ctx=2&gqid=JUt3YPflMZOZ3gO7tJuICg&qqid=CMbbp7PE_u8CFSqGgwcdZdkCtg&met.4=fb.4~fb.6~lb.2e~cmrload.5n~ol.5z~bdt.-183~bpp.-iw~idt.-iw~dtd.-ie~dt.-ix&met.3=739.2g~740.3b~740.3b~740.3c~374.3d~740.5e~738.5w~749.5w_3~735.63_1~740.87~740.bb~113.ca_4~112.c8_5&met.1=1.knhvvxhg~14.0~15.0~16.0~17.0~18.0~19.1~20.1~21.1&met.7=CCIQBBgBIAUoBTDDATi-AUAGSAdQB1hpYB9oaXDCAXi_BLABAbgBAw~CCkQChgBIAgoCDAuOCdACUgKUApYHWAPaB1wI3iZtgKAAfeyAogBvfkGsAEBuAED~CCcQChgBIAgoCDAxOCloFnAvePh3gAHndogBisUCsAEBuAED~CBwQChgBIAkoCTAvOCZQCVgqYAloFnAteNZegAH0XYgBtO0BsAEBuAED~CBwQChgBIAkoCTArOCJoF3AqeI8OgAGXCogB0ROwAQG4AQM~CCoQChgBIAkoCTAZOA8~CBwQChgBIAkoCTAuOCVoF3AseMIsgAHiK4gBlWWwAQG4AQM~CBsQBhgBIAooCjA2OC0~CBwQChgBIAooCjAwOCdoFnAteKw4gAHKN4gB7YkBsAEBuAED~CBwQBRgBIDwoPDBDOAhoPXBDeO4FgAHUBYgBlgmwAQG4AQM~CCcQBRgBIGcoZzByOApoaXBxeKRCgAHLQYgB6rIBsAEBuAED~CCkQBRgBIHUodTCYATgj~CCgQChgBINgBKNgBMIUDOKwBQNoBSNsBUNsBWLsCYPMBaLsCcOcCeN-nAYABsqMBiAHHrwOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400b:c02::5e Dublin, Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DACD 0
86 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bdw9gJUt3YIa1MqqMjuwP5bKLsAsAAAAAOAHgBAI&bg=!UlGlURXNAAb2K53n9is7ACkAdvg8Wi4Mh7RAGHeJBELpaUqGmJLPlHT4WFsjyLIZEH0Wc79_xE4lnwIAAAC0UgAAACRoAQcKACUOcLcAsvaCL5RFaG0Ei_O7XDdQbQ2eVo_LpxRLyua_VNG8Ma5umQJypZ3AhqaOeORVx4oPwJOakcL9CcKol2Uw_P_FFvHisZvxshkKqmPpt5RTlbFqXirK11enf0ooV8pS9yX78agoYt7L1h4hsgZhuHvejDCsOkcv9LOU2S7HfFtPeHE44uYnrN11mC0YUG6NRsCGjzOK3zC9h-oOdbkkyvoxPh3iiRYoPQdU3SegyadlcBn1-7DqPhGPCZBGq-C393Ma9rkJsf3jsUsSyQJdwUQE6Jv8efxGOhjvSXXjx6uYDVu1kf4mHnyUuw_XpODuxDzZ8Ksy2s1xN8Om7Vzf6kxk6ZjUNwGWuX_sJGuYU-NjBWOBXotzlykxVFF_-h4ijmjDibPVQmzrO0UslEAYOqG5vAr09YGz6jrWeROKytGY2GXq4lF539a-ucMrDJ-Qwv_G8eq4nWQisR6zMlMMTKD1bVdTtL-KBhO7pwTMxfD7YLvMbShJwVvpS2KL7u4t9CdwTx-xP9mio-a_sHRo7EAQ6UPye50DO0h07CzZ1Zj4S-rFu4RkInVUE4mXmJRVZwrsRiHbvSFr_8AhU7zph2C3tb2hHgDuAVGrbGWZWFTKvHPTWmzLrx43o0eqyhNLWZiOcVrWlzSBfGvwoG-cq7RuK7hh6TFxKMRVtLL72k6IUqNXPWJmKUImiqMQdmqNKr383T_QNYcLyo7xUqqlUsKOp4dpUgywaIFDTxxYcPv1u0L4naWiHe3-A22TEZRBJIb5a2cJb-1dCLZxbrBFvrVbq-X4w20Q5mquWgCOA41pWVXjGZV2E--AjnPgKj9u7bHtk41pbM7qn6gy_fvjlwEP6V5udonICl6tK_amAnOeZnOvEVrYaGs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 977B 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 977B 8 KB
9 KB 39ms
25ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F560bd8d24d47fc28fc84259d%2F34270135-00c1-4a61-88c5-45e4f527aa4f.woff&t=%20%24%2C.015%3AACDEFGHIKMNRSTVXabcdefghiklmnoprstuvwxz%7C%C3%9F%C3%A4%C3%B6%C3%BC
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc02266383e8d25b6a8cc4e9d33c87e0aaf18965fdec86d97008173c49f23a

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: HIT
server: cloudflare
age: 615624
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=34270135-00c1-4a61-88c5-45e4f527aa4f-subset.woff
cf-ray: 63ff8d540e164a9d-FRA
cf-request-id: 097396a88200004a9d65046000000001
expires: Thu, 07 Apr 2022 17:05:35 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 977B 7 KB
7 KB 51ms
38ms Font
font/woff 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F560bd8d24d47fc28fc84259d%2F34467d9a-b412-4353-984f-b34c15f2df1c.woff&t=%20%25-.37ACDFGHKSUabdefgiklmnorstv%C2%A0
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/6418128/1617814958816/DE_T2_Shares_US_FixedCommission_black_Prospecting-German-970x250-637534117575089338-65d641a0-c8ef-4c84-847e-249269c781bf.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb25cee52584cc030f231156f4db072ec5680ac5dba1fe29f51ae7c755565de

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: HIT
server: cloudflare
age: 615624
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=34467d9a-b412-4353-984f-b34c15f2df1c-subset.woff
cf-ray: 63ff8d540e194a9d-FRA
cf-request-id: 097396a88200004a9d3a889000000001
expires: Thu, 07 Apr 2022 17:05:35 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4A96 208 B
555 B 15ms
14ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F93fef7c3-ffaf-45a6-8418-fdafa20c7799.png&w=13&h=12&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ad9cfb927fab49bdf7b66b725a1f65c4effb48dbd9d0a7f4c483edd2a82354

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: HIT
api-supported-versions: 2.0
age: 10544
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 63ff8d55bb0b2bd6-FRA
content-length: 208
cf-request-id: 097396a99200002bd6a8a1c000000001
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4A96 190 B
277 B 16ms
15ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F93fef7c3-ffaf-45a6-8418-fdafa20c7799.png&w=12&h=12&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dc659fa86b72f1b72e3b158c031aa1fdceaf7c14824bc5dd87331c5d9019926

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: HIT
api-supported-versions: 2.0
age: 10544
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 63ff8d55bb102bd6-FRA
content-length: 190
cf-request-id: 097396a99200002bd6d6071000000001
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4A96 12 KB
12 KB 34ms
34ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2Fbd038b86-adff-4382-83f7-3a5e61a783ec.png&w=311&h=231&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33fb7cb72d25a25211a8ba449bb30b998b577d39939f583b765d0745a59e12d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: HIT
api-supported-versions: 2.0
age: 11493
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 63ff8d55bb122bd6-FRA
content-length: 12020
cf-request-id: 097396a99200002bd6ce840000000001
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4A96 2 KB
2 KB 19ms
19ms Image
image/webp 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fcmc-markets%2F560bd8d24d47fc28fc84259d%2Fimages%2F0f7d384c-494d-4b00-b910-80b6777b7929.png&w=132&h=101&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12e58673d51613d17e9cff942a292face4e268e841809201f07c8c34a86c5143

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: HIT
api-supported-versions: 2.0
age: 11493
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 63ff8d55eb992bd6-FRA
content-length: 1854
cf-request-id: 097396a9b400002bd6a0895000000001
server: cloudflare
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

POST
H2 200 pixel
c.bannerflow.net/tr/v2/ Frame 977B 0
302 B 53ms
53ms Other
text/plain 2606:4700::6810:d40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/606de563b3521e8b1b19f4f5?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvVRNzS1xhNxrNAugBI9cBconmZU-P-YkhIVt5VcoYJth-X8xWeRFMba-CsNldiZfwNTc2K5WU1dhMe7f_8xUXZHyHXXbJrGE_BZnzgt8LtQYfl58iMSuDkJP-1nTEEzUq65jo7qFe-fpaBEWWHQ9GplZBUGa4zU-wDii1VCjsEjLqblOawi4GTwe-pJLZK-NTnZwyL-bIXUeYbQgrJGP9tZ01vTXbwMSNGWIIu_xxME6XlwlqNBkhQU4EZiSPQbKmNVhy-M3lCcUA4QHJfW1Pf2y9DN3fDCkjhN9bFrERzl8vgm80vV7tqxtWUUlfBOSnzgd9WVqt_MREAclKEENEAF9OYdGIuEmRELvY-eIckDcuwFv2zJrv8lVVFZbLzdM-ZIVwNN_n7dAPIgQ9Gj-TBJiV-vHTwzVIXtwym5-axLhbbBTZw_89BJHVsCSJGLbss2boI_c-h5XhW1ksg6LiBeOBgHqdnI0Sey94lEkRMegiHBhWhMe9vOMhA9diTgJyUjoztZ7aBMfdulKMifTWOufjAptGqcIV5mGW8WDPiBRTZD_WIMc7Le3W96kHMvYA_NXWog57XKx2yKSBBdm5_KfhR7xSFJ36J2fSuiZJqML2Q4mpsHmTPXNlxpR1xh1KU3SfdlsjgsrUmQBsqHM0oGMOGZwHD0crvlMf3i4tranjinLTOcK8alNAng-MbAd8UF4Qr8FR5B20tdE6dp9eoz30tLHzZ6ihvFeULFpCedJ9r7OHCl6G82EIOS7h_AzS658yZRX9ttwQiKcIN6eBG5D_CK9fNnNFo5iHC1fJCmW87N_l2KnObVX7UoNQaMgNBR9FskGLVR7Mix63fcrNsItLVqAXm6Js7WZGGXPyu8fhetStBJURlFm_KxsJ_VZGVJRHrKeMVvdqXDhynt7CDy2rZXYTlROeqBg%26sig%3DCg0ArKJSzP5fjxmAHDwQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D4192616%26adurl%3Dhttps%253A%252F%252Fwww.cmcmarkets.com%252Fde-de%252Flp%252Ffixekommissionen%253Fdclid%253D%2525edclid!%2526utm_source%253Dgdn%2526utm_medium%253Ddisplay%2526utm_term%253Dprogrammatic%2526utm_campaign%253Dde-prospecting
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Apr 2021 20:05:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 63ff8d561c152bd6-FRA
content-length: 0
cf-request-id: 097396a9d400002bd6ec37d000000001
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210412&jk=275304273526225&bg=!gIOlg8fNAAb2K53n9is7ACkAdvg8WidJNWUUQ8zRgjyHJps0JCSz15q-bbKBhkvSBVmktPDUjzdeMgIAAAG-UgAAAAloAQcKAF_EkaLtiOeNW3G1ApqOmpKmrfOgwmACOIu2T81n2bsEAt4YJ2uVcXf40BnsDmpV4E0TIyt6o17oHT-4u534NowiTnJn_H8Nb3nKfDtlnFRsEx3smy9RlIcRJ3pgDQjHGJkB0pjd53fMcLpV7cyky4FHhJf8uedDMqc_OLfk5RDMNl4AAaYcBYA5JJEUISbKOuYq1NvMkGZGQdQwccqkxvWz2dLTapoORSzjR-rWxgabrtSSa_uhw9yYt_NPz0r2cViyrOJnncwhjkLUsxbvE1s3fAgTTuBCaFDPln_E2xtwY7LkC5fB3O_iGwbA4qTYma7dgvbmp_IyQTKCCw_ZpSDlMbbF9hYc24BUkgtdKCzhutkI8zYXAuYceCtfbNSsBL77IQIMAEJXULByhuKFbija4u7eK86xMviYRxqOyOEru8NzJpjZ27DSD2qYUp6hPjLfSwNPJT7uFmFRi7F1Y6gbYCSYcsVao57YKtp7SeB5rUTzt3k9pc68_WsWj0Y8WyKlyW-gBsMFI2otUrSlMDI4Qb65olfAKVW5Hfx2owb9QNq9rqGJGWCasy6HR9T3sVvGS5sT9p0NDuJw06Aluw-z2ar11QrEWbJJUxGnIPYM0JodESND5P2Un3fy3gehKmAevUrvD_094fy4Bs9RX76WnnTpat4-IHfBIEHMLa21OAZYdfWqqfbND4qd5yfxUY6cT0o4kZpSZeFgs-cU7xeLz272cA1J-o41NXgcA0yX6NSlw1c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://feryarya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:05:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIxtuns8T-7wIVKoaDBx1l2QK2EAEYACCpu4VH;met=1;&timestamp=1618430768680;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6AB9 42 B
498 B 165ms
75ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxtuns8T-7wIVKoaDBx1l2QK2EAEYACCpu4VH;met=1;&timestamp=1618430768680;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_oe=ChMIxtuns8T-7wIVKoaDBx1l2QK2EAEYACCpu4VH;met=1;&timestamp=1618430778679;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 6AB9 42 B
476 B 145ms
92ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxtuns8T-7wIVKoaDBx1l2QK2EAEYACCpu4VH;met=1;&timestamp=1618430778679;eid1=2;ecn1=0;etm1=10;

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 20:06:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 02:55:26	Name: IDE Value: AHWqTUk_miuy_j1bWE9AfmAe7FP5aMk8Lk6td7zfHSqeJ_t7qUzy6fmoy5IncYtWwiw
			.feryarya.com/	1970-01-20 02:55:26	Name: __gads Value: ID=fe4ecc5880d6c1bc-223f912517bb004f:T=1618430757:RT=1618430757:S=ALNI_MYWP1FJbJ2E7wmizyk8MVWGxiQoIw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://feryarya.com/wp-includes/js/jquery/jquery-migrate.js(Line 23) Message: JQMIGRATE: Migrate is installed with logging active, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
c.bannerflow.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
e.dlx.addthis.com
feryarya.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.108.145.8
142.250.185.162
142.250.185.66
142.250.186.130
172.217.23.98
185.64.190.78
216.58.212.162
217.182.200.29
2606:4700::6810:d40
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400b:c02::5e
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
34.98.67.61
35.227.252.103
35.244.174.68
5.181.216.92
52.39.207.175
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
02ad9cfb927fab49bdf7b66b725a1f65c4effb48dbd9d0a7f4c483edd2a82354
04dd0ab3e5724e28f23d12fd5e16448a307d12c192b5dc9e0c960eecd13e6ace
056a705c42ec2de5b9ab7149aa0fa2694e41656deaf8c1c4ff28a422dc5e8ca4
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
084d0930e71428b856005ed0738c19a61c581eb17b8a0a111a3d197d814b2074
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e58673d51613d17e9cff942a292face4e268e841809201f07c8c34a86c5143
14a82d97615d04a1544f08daa422336c057a64fac95d515584eac98e15b00541
1b9ca40006f602db21d8c8d3b5a7ebef00530a16af0f6744dc578141f2c11f7c
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2229584ea1b8c9c90f5fca2cb1822f113058eb5fa6e8e8a3131fbcee9633a0bb
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
2955ac81dc36521041b442def62dc446771c12d5b0d5a5f99df973e524138360
33fb7cb72d25a25211a8ba449bb30b998b577d39939f583b765d0745a59e12d1
3732edceb5fcc3ad4928d1a1a536524c99e933f7a9624cf34d33779e0200e6e4
39043cb6354e318af6f4f37b70b1a057b485f6e367ad9b578901185cbfe8c06a
3b6f05ab9333e008cdd3168183413a77142093a239a1878449373600a5f87749
3dc659fa86b72f1b72e3b158c031aa1fdceaf7c14824bc5dd87331c5d9019926
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bb25cee52584cc030f231156f4db072ec5680ac5dba1fe29f51ae7c755565de
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a92f5825405f86c0e8905c0b9e64ba965bd45763bc79c7a3943f4e5a542dd45
6068bc400d961927d7312dbdaa75895571d4c1cca9b17d4224a1318777bdfbbb
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b
6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c
70957bca35655d46737fd87b36135d51b6bd77020ddc93bccf418aee30d2510e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
764fce4e57ffe5d57dfb1cb47ff3aed29cfb557d61c01c26499ae6d82870fd0d
7687362e794baa7e5c3a4589e137415d805eb674d157cf3aa0b482c827ec5527
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2
7b89e7248d75bd8f4cd7f8188fa52a57f1c84ad260d255fc236f07ed0fdb8b71
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8242bd8351adbdc5705544e2874b8acc124194c943ac510f8bcf7483d23861be
874a99a1045da76c96efc7024aad44aec8759b9bc1e9005b2f5c840d82c59037
924c4a89295112cc9bdd0fe61b8da36e260eb0dbc88f8102c8d7e907299629d1
996ebe8965544dcf082d2aa58a476e5e406b297afe391522e4961162bf418100
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbc02266383e8d25b6a8cc4e9d33c87e0aaf18965fdec86d97008173c49f23a
9de915b8773f1be6b99448d8fbdb7c359f10b5a06f544181597b8523eca6278b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
ae112e8a176fdd2abe4f94b9f9bfebce7626e07bc1d57434381ca88f15282ff1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
c2b802b44819289fdb059a102d74115535379bee52041fa52583dbab4e3282b7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
d44842f6b841ee99244fa24f1f7bfc1f9d4949f9ce10cc9482604aabf6fe119c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d931ba2089021a1357761939c18bcc09aa856d39be2a707ea450333f5b3443c4
d9ee84e53ddbff33f8b4b8645b7c7e54678431da5748643deaebcf320321fcfa
dce50148adaff4dccd1d95c9b25563011436e398272d530e974193b8685340a2
dd576f3d728d4314cc39de21fa7a6cf986ce6f61662840eb0c5a028b24c24036
e07d2a479d7351305193bacf0ad8cb2cdaec14ba6b112e74f48e1ff752d749c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e503c59c36fc19803b2e9572b10e7c06236bda692aebd97f29e2a5a96f9aa5b6
e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
fb50d59f5c8b789d5791060ef5ad36648016d08486c986c6980a56c1dd65744d
fd503ca2cb350bd8ecec266730289fd8a519faffe250b976f7963dc10bfd829c

feryarya.com Open in urlscan Pro 5.181.216.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

102 Requests

81 %HTTPS

52 %IPv6

20 Domains

28 Subdomains

22 IPs

5 Countries

887 kBTransfer

2162 kBSize

2 Cookies

1 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

feryarya.com Open in urlscan Pro
5.181.216.92 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

81 %
HTTPS

52 %
IPv6

20
Domains

28
Subdomains

22
IPs

5
Countries

887 kB
Transfer

2162 kB
Size

2
Cookies

102 HTTP transactions
4 data transactions