hacks-cs.clan.su Open in urlscan Pro
193.109.246.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hacks-cs.clan.su/
Submission Tags: falconsandbox
Submission: On August 25 via api (August 25th 2022, 12:54:54 am UTC) from US — Scanned from DE

Summary HTTP 175 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 27 domains to perform 175 HTTP transactions. The main IP is 193.109.246.56, located in Moscow, Russian Federation and belongs to COMPUBYTE-AS, CY. The main domain is hacks-cs.clan.su.

This is the only time hacks-cs.clan.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	193.109.246.56 193.109.246.56	204343 (COMPUBYTE-AS) (COMPUBYTE-AS)
1 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 12	2600:9000:20e... 2600:9000:20eb:e600:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	3.66.43.43 3.66.43.43	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.78.113 13.225.78.113	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 32	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.64.135.73 54.64.135.73	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:17::9	15169 (GOOGLE) (GOOGLE)
1 1	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.16.92 35.157.16.92	16509 (AMAZON-02) (AMAZON-02)
175	32

38 193.109.246.56 (Moscow, Russian Federation)

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net

hacks-cs.clan.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s56.ucoz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:20eb:e600:3:c04e:c780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.43.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-43-43.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-113.fra2.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.64.135.73 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-135-73.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:17::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednde.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.225.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.16.92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-16-92.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	1 MB
37	clan.su hacks-cs.clan.su	352 KB
24	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com	893 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	132 KB
15	sharethis.com 1 redirects w.sharethis.com — Cisco Umbrella Rank: 18250 ws.sharethis.com — Cisco Umbrella Rank: 8483 l.sharethis.com — Cisco Umbrella Rank: 4476 count-server.sharethis.com — Cisco Umbrella Rank: 12502	105 KB
11	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	26 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10960	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	130 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	1 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3880	56 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1735 r4---sn-4g5ednde.gvt1.com — Cisco Umbrella Rank: 619170	1 MB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3586	87 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 634	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1517	414 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1072	792 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 588	758 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3074	376 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 327	459 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	63 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	642 B
1	ucoz.net s56.ucoz.net	205 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	Failed function sub() { [native code] }. Failed
175	27

	Domain	Requested by
37	hacks-cs.clan.su	hacks-cs.clan.su
32	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net hacks-cs.clan.su tpc.googlesyndication.com pagead2.googlesyndication.com
12	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	hacks-cs.clan.su pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
10	ws.sharethis.com	w.sharethis.com ws.sharethis.com hacks-cs.clan.su
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hacks-cs.clan.su
9	www.google.com	1 redirects hacks-cs.clan.su www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	cm.g.doubleclick.net	hacks-cs.clan.su googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects hacks-cs.clan.su
4	fonts.gstatic.com	www.google.com fonts.googleapis.com
3	ssum-sec.casalemedia.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	counter.yadro.ru	2 redirects hacks-cs.clan.su
3	mc.yandex.ru	2 redirects hacks-cs.clan.su
2	csi.gstatic.com	www.gstatic.com
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	cc.adingo.jp	googleads.g.doubleclick.net
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	hacks-cs.clan.su www.google-analytics.com
2	l.sharethis.com	w.sharethis.com hacks-cs.clan.su
2	w.sharethis.com	1 redirects hacks-cs.clan.su
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	r4---sn-4g5ednde.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	s0.2mdn.net	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	hacks-cs.clan.su
1	stats.g.doubleclick.net	www.google-analytics.com
1	count-server.sharethis.com	ws.sharethis.com
1	s56.ucoz.net	hacks-cs.clan.su
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	undefined Failed	hacks-cs.clan.su
175	42

This site contains links to these domains. Also see Links.

Domain
www.ucoz.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh

This page contains 19 frames:

Primary Page: http://hacks-cs.clan.su/
Frame ID: 9B6E18F83ED8C5CA3019B836125358FD
Requests: 69 HTTP requests in this frame

Frame: http://hacks-cs.clan.su/mchat/
Frame ID: 95C169AA463DADD08B6CF459432EDA53
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: CA972FD2DB55C23468852D5D0ABAD266
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW&co=aHR0cDovL2hhY2tzLWNzLmNsYW4uc3U6ODA.&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&theme=light&size=compact&cb=z83ee0reyjmn
Frame ID: D524640E115AF3B7E8B467B48D78D2AB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&adk=1812271804&adf=3025194257&lmt=1440521943&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhacks-cs.clan.su%2F&ea=0&pra=5&wgl=1&dt=1661388887958&bpp=3&bdt=567&idt=147&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4221951986018&frm=20&pv=2&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=164
Frame ID: 6360C41F99D1FCFDB7487B720005FA4D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW
Frame ID: 80EC20DC15146CE4913BE58EE4AD65C7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18
Frame ID: 864ED59DA94312DFE5CC8524F8960DC7
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24
Frame ID: 6DC5AC0D368CAC4D4343CFF7E72AF33B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: F0B21A26C329785072F6B0FC08346BAA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/index.html
Frame ID: 348C680D5D0518D04DE659DB306A2F38
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Frame ID: 155F2BFC97FA45F239D07A684E47BBF9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 73F20A4F6D25454EB38866D7F0407798
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3270376D80D37192F94B87BD531579B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 8DBBBC40B89C78D93430A5D49D5057D2
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: 5AFF8ECF680B27FE959612ED4B8BE04F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6E21E1CE8BD73D7337409824ABC5A924
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Frame ID: 21E4ABDCD2CF8D0BDB44D9D707306F68
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46FA9B394C0ECF5D6D069D6DEE410B78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D00F24B31F9854171ECD7BDF82FBA36E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All for Counter-Strike 1.6 hacks, models, sprites, additions, plug-ins

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Lightbox (JavaScript Libraries) Expand

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

ShareThis (Widgets) Expand

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

175
Requests

69 %
HTTPS

60 %
IPv6

27
Domains

42
Subdomains

32
IPs

8
Countries

4371 kB
Transfer

7747 kB
Size

29
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ucoz.com/
Title: web hosting

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 14

http://w.sharethis.com/button/buttons.js HTTP 301
https://w.sharethis.com/button/buttons.js

Request Chain 23

http://counter.yadro.ru/hit;noads?r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803 HTTP 302
https://counter.yadro.ru/hit;noads?r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803 HTTP 302
https://counter.yadro.ru/hit;noads?q;r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803

Request Chain 33

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 73

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9740.eu7iEJ7i3BkpQw4VWqd1WKMDwO0BSVYN7cCpigDsklbuDVLR2qvq_i9i2MuETuFz.neAPPM6zywrQ_-TEu_u1PGpX46Y%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9740.GpeTkVANM4bvgtLkOjShvmDXPKKSM9gGLTU4OeVKXUGU3x3oV8dEBKMEjn7kYfrN1XNHlEftouMUWOWfeDxk0g%2C%2C.kO6RpcWl3WYR2PWV1gOV2VR27GM%2C

Request Chain 84

https://mc.yandex.com/watch/12507724?wmode=7&page-url=http%3A%2F%2Fhacks-cs.clan.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A569141220498%3Ahid%3A817936867%3Az%3A0%3Ai%3A20220825005448%3Aet%3A1661388888%3Ac%3A1%3Arn%3A6720843%3Arqn%3A1%3Au%3A1661388888318481733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1661388886891%3Ads%3A192%2C59%2C239%2C59%2C0%2C0%2C%2C408%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661388889%3At%3AAll%20for%20Counter-Strike%201.6%20hacks%2C%20models%2C%20sprites%2C%20additions%2C%20plug-ins&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/12507724/1?wmode=7&page-url=http%3A%2F%2Fhacks-cs.clan.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A569141220498%3Ahid%3A817936867%3Az%3A0%3Ai%3A20220825005448%3Aet%3A1661388888%3Ac%3A1%3Arn%3A6720843%3Arqn%3A1%3Au%3A1661388888318481733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1661388886891%3Ads%3A192%2C59%2C239%2C59%2C0%2C0%2C%2C408%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661388889%3At%3AAll%20for%20Counter-Strike%201.6%20hacks%2C%20models%2C%20sprites%2C%20additions%2C%20plug-ins&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHyDt_hTSth2yvE1I31rVbg&google_cver=1&google_push=AehlK4D0oboJjOBenpOS5K2dDXXz50NzmFR_qigg85Zwp2QObXgJN2Uu9LH-W_V2M3qKiBEEQlATaJD08Q1fdiVYJfT05r6zcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4QzFVNjYtMjUtNjRQSw==&google_push=AehlK4D0oboJjOBenpOS5K2dDXXz50NzmFR_qigg85Zwp2QObXgJN2Uu9LH-W_V2M3qKiBEEQlATaJD08Q1fdiVYJfT05r6zcQ

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_cver=1&google_push=AehlK4BHtP-po-4bdIAm9nrc7wcuk3gpJD_3XIhOoXe8PX7ylZ49ZgZZ7-DPVk9nMJsE5aIR_jvlUe3rVSGA1Nz4EaspARXtI98 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_push=AehlK4BHtP-po-4bdIAm9nrc7wcuk3gpJD_3XIhOoXe8PX7ylZ49ZgZZ7-DPVk9nMJsE5aIR_jvlUe3rVSGA1Nz4EaspARXtI98&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4BHtP-po-4bdIAm9nrc7wcuk3gpJD_3XIhOoXe8PX7ylZ49ZgZZ7-DPVk9nMJsE5aIR_jvlUe3rVSGA1Nz4EaspARXtI98

Request Chain 155

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEvJ7JFhCwCRj0BDIIb01YwFEWIjI HTTP 301
https://tpc.googlesyndication.com/simgad/11780843361182657146

Request Chain 159

https://redirector.gvt1.com/videoplayback?id=cb6ef9df0e500183&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1661396092&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=A76CC8E865909AA4452537D2EF1297DA26EC0381.A12ED66FFAD4B1C44A246600AE2C7D6D2948E835&key=ck2 HTTP 302
https://r4---sn-4g5ednde.gvt1.com/videoplayback?id=cb6ef9df0e500183&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661396092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4D9C49EC1C3BDF36948AD77DE7B31086E01AE415.8455FB83916C4C9D541CF8994DBD4289CFD7C961&key=cms1&cms_redirect=yes&mh=h_&mip=2001:ac8:20:301::201e&mm=28&mn=sn-4g5ednde&ms=nvh&mt=1661388575&mv=u&mvi=4&pl=53

Request Chain 160

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBUdICOwrRlvyMqGc6hj_R0&google_cver=1&google_push=AehlK4CCdsOfUF-aAXoTP70vDKgf4-pYC1hW93W0lCdAHokOnahaChuxPHCHd_rEzMI71TwCCSmEl5OQJU_9TfPDldH8Yz3ZM40 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CCdsOfUF-aAXoTP70vDKgf4-pYC1hW93W0lCdAHokOnahaChuxPHCHd_rEzMI71TwCCSmEl5OQJU_9TfPDldH8Yz3ZM40&google_hm=OuoLfbn8ZtLfjxAsxNJHig

Request Chain 161

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CCRD926zWbKYmmWS07xdmkqARquaxhSLG2zyddNXL9umbziOhTEiuzwMWh2E0ey0eZe8nC_C95c1HGsD5X2AO7Nr_uNGZI&google_gid=CAESEGSY0HlPrfWCZDlrZKOwzIE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdiSVhBQUFBRzdFd1JCOQ&google_push=AehlK4CCRD926zWbKYmmWS07xdmkqARquaxhSLG2zyddNXL9umbziOhTEiuzwMWh2E0ey0eZe8nC_C95c1HGsD5X2AO7Nr_uNGZI

Request Chain 162

https://d.agkn.com/pixel/2175/?google_gid=CAESEK7TrG6QMUa5gZ9RcCDljP8&google_cver=1&google_push=AehlK4BWz8evflKX11V_1VvMz0tTK7BeVaLhrLrpcsQKod828USuNY8EQ-0ZTkBH_zdO0WietccFtAQAA_PWlzJT-gUb3c9-tTk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BWz8evflKX11V_1VvMz0tTK7BeVaLhrLrpcsQKod828USuNY8EQ-0ZTkBH_zdO0WietccFtAQAA_PWlzJT-gUb3c9-tTk&google_hm=Q0FFU0VLN1RyRzZRTVVhNWdaOVJjQ0RsalA4

Request Chain 165

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdyECq6Vs2N0rGjiP77-Ck&google_cver=1&google_push=AehlK4CCts4nMlBKqD7ZsiUdBXu8lZXt-vnmgLEvpnC7YDhTHgRJqjUdidplaICkERV-2GbtboSYZ6bwPTVdm32cmeFoPkAX8O4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdyECq6Vs2N0rGjiP77-Ck&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4CCts4nMlBKqD7ZsiUdBXu8lZXt-vnmgLEvpnC7YDhTHgRJqjUdidplaICkERV-2GbtboSYZ6bwPTVdm32cmeFoPkAX8O4

175 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hacks-cs.clan.su/ 43 KB
11 KB 491ms
239ms Document
text/html 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hacks-cs.clan.su/
Protocol: HTTP/1.1
Server: 193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 267ba0efdd60da848c140290065018f06eae29cd6153f2a79ba607cb94e2df26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Aug 2022 00:54:50 GMT
Keep-Alive: timeout=15
Last-Modified: Tue, 25 Aug 2015 16:59:03 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: host

GET
H/1.1 200
OK 871.css
hacks-cs.clan.su/.s/src/css/ 16 KB
4 KB 60ms
59ms Stylesheet
text/css 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/css/871.css

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

baa35de5207d4ccb2abf99d56d9cef0cf9357f70b2fb5c973f155a6fb84e9756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 May 2021 12:20:25 GMT
Server: nginx
ETag: W/"60ae3d09-3f5b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK base.min.css
hacks-cs.clan.su/.s/src/ 24 KB
6 KB 100ms
61ms Stylesheet
text/css 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/base.min.css

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

ed132c64c4008f3048414bf8506edd464a95035f4552c6452e4f2671f1c1ab9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Apr 2022 08:15:48 GMT
Server: nginx
ETag: W/"62553534-5f07"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK layer7.min.css
hacks-cs.clan.su/.s/src/ 25 KB
7 KB 147ms
90ms Stylesheet
text/css 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/layer7.min.css

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a7251097afbc7a7ed08c618f7b56b27562496792fa0a41dadb42d46cf3b0815b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2022 08:18:27 GMT
Server: nginx
ETag: W/"623c2953-63fc"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
hacks-cs.clan.su/.s/src/ 95 KB
33 KB 122ms
64ms Script
text/javascript 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/jquery-1.12.4.min.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2019 15:36:20 GMT
Server: nginx
ETag: W/"5c87d1f4-17b8b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK uwnd.min.js Show response
hacks-cs.clan.su/.s/src/ 205 KB
56 KB 131ms
72ms Script
text/javascript 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/uwnd.min.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Server: nginx
ETag: W/"626678ba-3334b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK uutils.fcg Show response
s56.ucoz.net/cgi/ 0
205 B 178ms
61ms Script
application/javascript 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s56.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=1&r=0.147710179723678
Requested by: Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/
Protocol: HTTP/1.1
Server: 193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ulightbox.min.css
hacks-cs.clan.su/.s/src/ulightbox/ 4 KB
2 KB 114ms
59ms Stylesheet
text/css 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/ulightbox/ulightbox.min.css

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Server: nginx
ETag: W/"628cd15d-11c8"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK social.css
hacks-cs.clan.su/.s/src/ 2 KB
988 B 115ms
59ms Stylesheet
text/css 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/social.css

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Server: nginx
ETag: W/"61a758f3-9b8"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H/1.1 200
OK ulightbox.min.js Show response
hacks-cs.clan.su/.s/src/ulightbox/ 22 KB
8 KB 180ms
81ms Script
text/javascript 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/ulightbox/ulightbox.min.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

eb2476907f027bd6dcf4f61cecffcd85dd4aaf66ee6615d32fba5359615edad7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Server: nginx
ETag: W/"628cd15d-5713"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 905 B
995 B 72ms
25ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=en

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54df1caa2a12d0822eecd168f9bf0df07584d4d10b7600be9dfae56986e0d775

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Thu, 25 Aug 2022 00:54:50 GMT

GET
H/1.1 200
OK 1.jpg
hacks-cs.clan.su/.s/t/871/ 20 KB
20 KB 75ms
70ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/1.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

6a08cf08deb9d3dc5c799b61c582d00bb9357e95dd740d21135c6197ce30d972

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-4f6e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 20334
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 7.gif
hacks-cs.clan.su/.s/t/871/ 701 B
1 KB 88ms
82ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/7.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

819989bfc9d96a03619925c1d5f29901f845ac59aee03b4b91da3aac92f383bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-2bd"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 701
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 1661388891
hacks-cs.clan.su/stat/ 418 B
734 B 65ms
58ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hacks-cs.clan.su/stat/1661388891
Requested by: Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/
Protocol: HTTP/1.1
Server: 193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 38d934ce29373a05d2b997a89e2c5de885a7cf0571318479f46266d2dd158ddd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 00:54:51 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, no-store, private
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

158 KB
56 KB

268ms
129ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5a7df20c1d6253065e7b3211c4c2e796c501928bf6f114ecf058a5b4af9fa868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: br
last-modified: Tue, 23 Aug 2022 14:08:03 GMT
etag: "6304b513-de51"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56913
expires: Thu, 25 Aug 2022 01:54:51 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H2

200

buttons.js Show response
w.sharethis.com/button/
Redirect Chain

http://w.sharethis.com/button/buttons.js
https://w.sharethis.com/button/buttons.js

102 KB
26 KB

58ms
18ms

Script
application/javascript

2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.sharethis.com/button/buttons.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

748718063bc84d056b5d0cf947b83aa71d7dbef7358d6ec62eab82c2f3881a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:02:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 96730
x-cache: Hit from cloudfront
content-length: 26307
server: nginx/1.20.1
etag: W/"62bdf23a-19615"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: r47yXJG_i9d64smX1vihBFXgDssPr4tIbBikVCEqZBregaKU2OOl4A==
expires: Fri, 26 Aug 2022 22:02:40 GMT

Redirect headers

Date: Thu, 25 Aug 2022 00:54:50 GMT
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://w.sharethis.com/button/buttons.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: PD7k1jXBV7c99eloa38zRSrwkOb6gwr3vLeBGv1WSsHe1TsTs0WY3Q==

GET
H/1.1 200
OK 11778028.jpg
hacks-cs.clan.su/_nw/0/ 14 KB
14 KB 85ms
79ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/_nw/0/11778028.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

48c2824de2d4f39a04e3c843a4ebef7292fcc343c3be4db48730f534d1df3b3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Sun, 16 Oct 2011 11:29:22 GMT
Server: nginx
ETag: "4e9ac012-37f2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14322
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK s15480912.jpg
hacks-cs.clan.su/_nw/0/ 18 KB
19 KB 98ms
92ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/_nw/0/s15480912.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

fe79402e07d090990a1ecbc24021144e39d216443a2d5a5cdac18300cb841e06

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Sun, 16 Oct 2011 11:27:40 GMT
Server: nginx
ETag: "4e9abfac-4961"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 18785
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK s04395506.jpg
hacks-cs.clan.su/_nw/0/ 8 KB
9 KB 64ms
58ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/_nw/0/s04395506.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

069a61a69c589b4d899af4a3a199e6f9f0ba8fa2cd68610596ea69429c835909

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Sun, 16 Oct 2011 11:23:55 GMT
Server: nginx
ETag: "4e9abecb-20dc"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 8412
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 70767951.jpg
hacks-cs.clan.su/_nw/0/ 21 KB
21 KB 271ms
56ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/_nw/0/70767951.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

8b50a936d15da38023bc038153263432b45a86a07a8afee72ff28032f55e3efc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Sun, 16 Oct 2011 11:16:18 GMT
Server: nginx
ETag: "4e9abd02-52e0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 21216
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK mcr.gif
hacks-cs.clan.su/.s/img/fr/ 348 B
704 B 206ms
59ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/fr/mcr.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

b1532fbb9c546fdee5b45583c446f24f089035298f95f4ad2ac166d5f1eb8a2e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Mon, 31 Jul 2017 10:31:19 GMT
Server: nginx
ETag: "597f06f7-15c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 348
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK ajax3.gif
hacks-cs.clan.su/.s/img/fr/ 1 KB
1 KB 70ms
58ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/fr/ajax3.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

9777513b1dee8fbb0942cc13160510ff06cd1e868bd5dd24d060930871443ce6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Mon, 31 Jul 2017 10:31:19 GMT
Server: nginx
ETag: "597f06f7-437"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1079
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK uid.gif
hacks-cs.clan.su/.s/img/ma/ 400 B
756 B 90ms
58ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/ma/uid.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

369e1fbbd6a79ff1362bc00de6cc4789b6bd2c087d91811128c956ec2be4a9ce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Aug 2022 19:07:30 GMT
Server: nginx
ETag: "62eac772-190"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 400
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
57 KB 78ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff1edbcd84b99674d59e0338a2f72eb0250835a25370fa2ceaf00c025d530354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 25 Aug 2022 00:54:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 17553608671360071774
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 57369
X-XSS-Protection: 0
Expires: Thu, 25 Aug 2022 00:54:51 GMT

GET
H/1.1

200
OK

hit;noads
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;noads?r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803
https://counter.yadro.ru/hit;noads?r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803
https://counter.yadro.ru/hit;noads?q;r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803

43 B
528 B

58ms
58ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;noads?q;r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 00:54:51 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 00:54:51 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;noads?q;r;s1600*1200*24;uhttp%3A//hacks-cs.clan.su/;1661388887803
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 24 Aug 2021 21:00:00 GMT

GET
H/1.1 200
OK 2.jpg
hacks-cs.clan.su/.s/t/871/ 17 KB
18 KB 175ms
58ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/2.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

3f84fb7f091f3e571a1b1f4455ed1c446bb76074df654301fcacf0052b8d7ab9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-44c6"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 17606
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 3.jpg
hacks-cs.clan.su/.s/t/871/ 8 KB
8 KB 129ms
56ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/3.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

844a645839690cf04b74a1842534ffbd45a230f7536b3d3eb23d9bc7d3fdcae4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-1e99"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 7833
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 4.gif
hacks-cs.clan.su/.s/t/871/ 159 B
514 B 198ms
56ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/4.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

09ff2940e61c9c8343439bc6ffac5effde108cf4957a387aa8168f19ce323906

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-9f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 159
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 5.gif
hacks-cs.clan.su/.s/t/871/ 5 KB
6 KB 215ms
56ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/5.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

1374fbfdc3c939ad8ddddcd1bc2a88d218dc24ace4d297f7ff1c5a3b58b31d65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-149d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 5277
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 6.gif
hacks-cs.clan.su/.s/t/871/ 764 B
1 KB 213ms
59ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/6.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

85216269dec9157d00e11e9563b5a43f7535d1ed873f3ef09861fd1c46bd5596

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-2fc"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 764
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 9.gif
hacks-cs.clan.su/.s/t/871/ 61 B
415 B 116ms
58ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/9.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/css/871.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

2de522f6dd550d90f8a6b559cfcd01644f13d17cb38dc4f553a39f91cd75a733

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/css/871.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-3d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 61
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 45ms
18ms Script
application/javascript 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 03:00:54 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 165237
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"62bdf287-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: d3ba5z3lmUeuAiWYBMjSysNJECOEH5jTLDUlGgRhOo8DJ_zTA5OGiA==
expires: Fri, 26 Aug 2022 03:00:54 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
402 B 97ms
16ms XHR
text/plain 3.66.43.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1661388887841.53847&hostname=hacks-cs.clan.su&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fhacks-cs.clan.su%2F&title=All%20for%20Counter-Strike%201.6%20hacks%2C%20models%2C%20sprites%2C%20additions%2C%20plug-ins&sop=false&description=Counter-Strike%20portal.%20Mods%2C%20add-ons%2C%20hacks%2C%20models%2C%20programs%2C%20articles%2C%20and%20much%20more

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.43.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-43-43.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: http://hacks-cs.clan.su
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK / Show response
hacks-cs.clan.su/mchat/ Frame 95C1 22 KB
3 KB 143ms
119ms Document
text/html 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hacks-cs.clan.su/mchat/
Requested by: Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/
Protocol: HTTP/1.1
Server: 193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 83835421533bee3fdcb7df6cba43427f8a0814ce6421b94fa02086f9d8b3f1cb

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 25 Aug 2022 00:54:51 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

54ms
14ms

Script
text/javascript

2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6771
date: Wed, 24 Aug 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Aug 2022 01:02:00 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ 387 KB
154 KB 70ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Origin: http://hacks-cs.clan.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157275
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 15:01:47 GMT

GET
H/1.1 200
OK 10.gif
hacks-cs.clan.su/.s/t/871/ 336 B
692 B 220ms
58ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/10.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/css/871.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

1363b2bf9e1bb77bdc264ab122846122aaf4fde6586fd79bb6d84b2619a26548

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/css/871.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-150"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 336
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 12.png
hacks-cs.clan.su/.s/img/stars/3/ 1 KB
1 KB 230ms
56ms Image
image/png 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/stars/3/12.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Mon, 31 Jul 2017 10:31:37 GMT
Server: nginx
ETag: "597f0709-489"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1161
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 17.jpg
hacks-cs.clan.su/.s/t/871/ 1 KB
2 KB 196ms
58ms Image
image/jpeg 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/17.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/css/871.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

6a8ed97c402fa4b16cbbce0b956ce42243aa35615bf1689a1d921ba50bb9b585

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/css/871.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-58b"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1419
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK wait.gif
hacks-cs.clan.su/.s/img/sh/ 265 B
621 B 231ms
58ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/sh/wait.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/base.min.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/base.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Mon, 31 Jul 2017 10:31:36 GMT
Server: nginx
ETag: "597f0708-109"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 265
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK fb.svg
hacks-cs.clan.su/.s/img/icon/social/ 611 B
971 B 266ms
59ms Image
image/svg+xml 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/icon/social/fb.svg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/social.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/social.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Server: nginx
ETag: "5950f318-263"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 611
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK gp.svg
hacks-cs.clan.su/.s/img/icon/social/ 550 B
910 B 262ms
58ms Image
image/svg+xml 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/icon/social/gp.svg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/social.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/social.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Server: nginx
ETag: "5c544236-226"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 550
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK 12.gif
hacks-cs.clan.su/.s/t/871/ 48 B
402 B 93ms
59ms Image
image/gif 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/t/871/12.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/.s/src/css/871.css

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

b429a2de9dc7b091cb845285fab32e6004b12b5fbdcd66e43e9d34cba5b9e0a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/.s/src/css/871.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Wed, 03 Dec 2014 12:39:27 GMT
Server: nginx
ETag: "547f047f-30"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 48
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 16ms
16ms Stylesheet
text/css 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:01:05 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 18:59:19 GMT
server: nginx/1.20.1
age: 21226
etag: W/"62bdf287-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: Y2RQC-DO81k5hpfW590psQDn4yRVdOnoZqNAmdjZqywy2EGPPV1C5g==

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 250 B
614 B 73ms
19ms Script
text/javascript 13.225.78.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Fhacks-cs.clan.su%2F&cb=stButtons.processCB&wd=true

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-113.fra2.r.cloudfront.net

Software

Resource Hash

b44d93b54325270b63927f2432251bb40a26ed6333fa0633c73d1f236a3dcb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 10:15:00 GMT
via: 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
age: 52791
etag: d02a65447bb6f12a1586ad450326c517
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
content-length: 250
apigw-requestid: XXQFqj3pIAMEPMA=
x-amz-cf-id: 6Kbamr2dnnpAJ9DBu4zJr8yfTLOqTAvYHChH_7G39rMr8CIPA_SJ4A==

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 18ms
15ms Image
image/png 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/facebook_counter.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4771428
etag: "62bdf239-977"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: wSJ9_XuamoGR5MQm0be1Zy2UZPdmCNfPWoq4S-vHd-iJoLLugiVwOA==
expires: Fri, 30 Jun 2023 19:31:03 GMT

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 19ms
16ms Image
image/png 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/twitter_counter.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4771428
etag: "62bdf239-9ae"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: HkYOytSK0Lq2EzmYFdBigtQ4AywNAoupmaJCTCTj5wjootD264SzLg==
expires: Fri, 30 Jun 2023 19:31:03 GMT

GET
H2 200 linkedin_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 21ms
17ms Image
image/png 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/linkedin_counter.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4771428
etag: "62bdf239-9e1"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2529
x-amz-cf-id: 1vfdBbUEUMEmiJy5b6OIdKMz42vhu8-qU_7W_2O8U9wMHXQxx8iasw==
expires: Fri, 30 Jun 2023 19:31:03 GMT

GET
H2 200 pinterest_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 20ms
16ms Image
image/png 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/pinterest_counter.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

47c1ac2e88d06479a7bda88be7c0c01bf368aaa0bed4d894e6c2c179b0ce6357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4771428
etag: "62bdf239-8b6"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2230
x-amz-cf-id: HatSukfrNciUDiLca0xPnvPUaA5nFaPIZMh0cKV4sn84G11N6GAD_w==
expires: Fri, 30 Jun 2023 19:31:03 GMT

GET
H2 200 googleplus_16.png
ws.sharethis.com/images/2017/ 2 KB
2 KB 17ms
16ms Image
image/png 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/images/2017/googleplus_16.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4771428
etag: "62bdf239-61f"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1567
x-amz-cf-id: diZgxk5kKq2kcj2blvZDnwBGX8oF-mboyjmarBBbJVlIVo2NT6D3jg==
expires: Fri, 30 Jun 2023 19:31:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 22ms
22ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1603539292&t=pageview&_s=1&dl=http%3A%2F%2Fhacks-cs.clan.su%2F&ul=en-us&de=UTF-8&dt=All%20for%20Counter-Strike%201.6%20hacks%2C%20models%2C%20sprites%2C%20additions%2C%20plug-ins&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1174845548&gjid=199699237&cid=1352617971.1661388888&tid=UA-29476920-3&_gid=563601876.1661388888&_r=1&_slc=1&z=502471755

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hacks-cs.clan.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hacks-cs.clan.su
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 341 KB
121 KB 81ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4264999882239908&plah=hacks-cs.clan.su

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56b7385d5d94a04b36543b68a5079a220ef00c0dd4f114b6390a9d9c9fa9eb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122736
x-xss-protection: 0
server: cafe
etag: 8634061882617057086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 00:54:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame CA97 10 KB
5 KB 68ms
16ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 18:23:24 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 18:23:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 20ms
19ms Image
text/plain 3.66.43.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.43.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-43-43.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 99ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-29476920-3&cid=1352617971.1661388888&jid=1174845548&gjid=199699237&_gid=563601876.1661388888&_u=IEBAAEAAAAAAAC~&z=976663791

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hacks-cs.clan.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Aug 2022 00:54:51 GMT
content-type: text/plain
access-control-allow-origin: http://hacks-cs.clan.su
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D524 43 KB
22 KB 72ms
38ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW&co=aHR0cDovL2hhY2tzLWNzLmNsYW4uc3U6ODA.&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&theme=light&size=compact&cb=z83ee0reyjmn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ada43b5a7e762ee710ef276df573804ce850d5a3b526567163fc50e7f146387

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A2dve6shOV79CegflP18WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22988
content-security-policy: script-src 'report-sample' 'nonce-A2dve6shOV79CegflP18WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 871.css
hacks-cs.clan.su/.s/src/css/ Frame 95C1 16 KB
4 KB 63ms
57ms Stylesheet
text/css 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/css/871.css

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/mchat/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

baa35de5207d4ccb2abf99d56d9cef0cf9357f70b2fb5c973f155a6fb84e9756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/mchat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 May 2021 12:20:25 GMT
Server: nginx
ETag: W/"60ae3d09-3f5b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
hacks-cs.clan.su/.s/src/ Frame 95C1 95 KB
33 KB 144ms
76ms Script
text/javascript 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/jquery-1.12.4.min.js

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/mchat/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/mchat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2019 15:36:20 GMT
Server: nginx
ETag: W/"5c87d1f4-17b8b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK uwnd.min.js Show response
hacks-cs.clan.su/.s/src/ Frame 95C1 205 KB
56 KB 142ms
63ms Script
text/javascript 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://hacks-cs.clan.su/.s/src/uwnd.min.js?2

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/mchat/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/mchat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Server: nginx
ETag: W/"626678ba-3334b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H/1.1 200
OK profile.png
hacks-cs.clan.su/.s/img/icon/ Frame 95C1 676 B
1 KB 59ms
59ms Image
image/png 193.109.246.56
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://hacks-cs.clan.su/.s/img/icon/profile.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/mchat/

Protocol

HTTP/1.1

Server

193.109.246.56 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

f5d62b58ed22f77bea1a87ce4e204e2b213459746f74ee5e0be91f22851420cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/mchat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 00:54:51 GMT
Last-Modified: Mon, 31 Jul 2017 10:31:25 GMT
Server: nginx
ETag: "597f06fd-2a4"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 676
Expires: Wed, 14 Sep 2022 00:54:51 GMT

GET
H2 200 bubble_arrow_below.png
ws.sharethis.com/secure/images/ 969 B
1 KB 18ms
17ms Image
image/png 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ws.sharethis.com/secure/images/bubble_arrow_below.png

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: nginx/1.20.1
age: 4771428
etag: "62bdf287-3c9"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 969
x-amz-cf-id: 7DuEzYPxIJRCUByKlwGJyvDW_AKwIVGwiJZ3HQvdNPPzqlU28I56_Q==
expires: Fri, 30 Jun 2023 19:31:03 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame D524 52 KB
24 KB 49ms
17ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW&co=aHR0cDovL2hhY2tzLWNzLmNsYW4uc3U6ODA.&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&theme=light&size=compact&cb=z83ee0reyjmn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 15:01:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame D524 387 KB
154 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157275
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 15:01:47 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 28ms
26ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-29476920-3&cid=1352617971.1661388888&jid=1174845548&_u=IEBAAEAAAAAAAC~&z=83481962

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 95ms
28ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-29476920-3&cid=1352617971.1661388888&jid=1174845548&_u=IEBAAEAAAAAAAC~&z=83481962

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
642 B 91ms
23ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hacks-cs.clan.su&callback=_gfp_s_&client=ca-pub-4264999882239908

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4264999882239908&plah=hacks-cs.clan.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fd3c957450fb812f2602142c290bb8d3a252e72afef3304c081661784d9026bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 85ms
24ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hacks-cs.clan.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
24ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hacks-cs.clan.su

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6360 192 KB
54 KB 341ms
309ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&adk=1812271804&adf=3025194257&lmt=1440521943&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhacks-cs.clan.su%2F&ea=0&pra=5&wgl=1&dt=1661388887958&bpp=3&bdt=567&idt=147&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4221951986018&frm=20&pv=2&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=164

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d86a45d5a80c9e55b43d02ce486d319ca586b1803a39bff2b1a83bf955b637ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 55404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:51 GMT
expires: Thu, 25 Aug 2022 00:54:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D524 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D524 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D524 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 107703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 30 Aug 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D524 15 KB
16 KB 60ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 135406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Aug 2023 11:18:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D524 102 B
134 B 25ms
24ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99584f816df6714b39895e4032ede0c137cd7fd764abbb64845f25848ccc0565

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW&co=aHR0cDovL2hhY2tzLWNzLmNsYW4uc3U6ODA.&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&theme=light&size=compact&cb=z83ee0reyjmn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 25 Aug 2022 00:54:51 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9740.eu7iEJ7i3BkpQw4VWqd1WKMDwO0BSVYN7cCpigDsklbuDVLR2qvq_i9i2MuETuFz.neAPPM6zywrQ_-TEu_u1PGpX46Y%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9740.GpeTkVANM4bvgtLkOjShvmDXPKKSM9gGLTU4OeVKXUGU3x3oV8dEBKMEjn7kYfrN1XNHlEftouMUWOWfeDxk0g%2C%2C.kO6RpcWl3WYR2PWV1gOV2VR27GM%2C

75 B
75 B

65ms
65ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9740.GpeTkVANM4bvgtLkOjShvmDXPKKSM9gGLTU4OeVKXUGU3x3oV8dEBKMEjn7kYfrN1XNHlEftouMUWOWfeDxk0g%2C%2C.kO6RpcWl3WYR2PWV1gOV2VR27GM%2C

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9740.GpeTkVANM4bvgtLkOjShvmDXPKKSM9gGLTU4OeVKXUGU3x3oV8dEBKMEjn7kYfrN1XNHlEftouMUWOWfeDxk0g%2C%2C.kO6RpcWl3WYR2PWV1gOV2VR27GM%2C
date: Thu, 25 Aug 2022 00:54:51 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
undefined/ 0
0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 80EC 7 KB
1 KB 26ms
25ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce5245097ea91236e3e596f428257d5ad1d24c8fe401481c4cb930550f898748

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QkfdGYyOzzaTT2IRhhIDrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-QkfdGYyOzzaTT2IRhhIDrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 66ms
65ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
last-modified: Tue, 23 Aug 2022 14:08:03 GMT
etag: "6304b513-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 01:54:51 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 80EC 52 KB
24 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 15:01:38 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 80EC 387 KB
154 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&k=6LcuAwsUAAAAACZC54L4RPcngPvTZSGgjgd0zcDW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 15:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157275
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 15:01:47 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ 150 KB
53 KB 66ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56c6448c03e914d41abbdd7e515e74dd1da2beba37998d75b82af874882ffcbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54625
x-xss-protection: 0
server: cafe
etag: 8690048131520608851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 00:54:51 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 58ms
25ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hacks-cs.clan.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 57ms
25ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hacks-cs.clan.su

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 864E 147 KB
39 KB 822ms
821ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d539b167c6805bcec496ff143b590151d665cc343e7526aa1a150cc380ba26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39826
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:52 GMT
expires: Thu, 25 Aug 2022 00:54:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DC5 81 KB
28 KB 461ms
460ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f90cd45cd7eb0d51099c9aa31b508a688ba578817e227e421183c36e6526cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28786
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:52 GMT
expires: Thu, 25 Aug 2022 00:54:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/12507724/
Redirect Chain

https://mc.yandex.com/watch/12507724?wmode=7&page-url=http%3A%2F%2Fhacks-cs.clan.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/12507724/1?wmode=7&page-url=http%3A%2F%2Fhacks-cs.clan.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8...

338 B
420 B

81ms
81ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/12507724/1?wmode=7&page-url=http%3A%2F%2Fhacks-cs.clan.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A569141220498%3Ahid%3A817936867%3Az%3A0%3Ai%3A20220825005448%3Aet%3A1661388888%3Ac%3A1%3Arn%3A6720843%3Arqn%3A1%3Au%3A1661388888318481733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1661388886891%3Ads%3A192%2C59%2C239%2C59%2C0%2C0%2C%2C408%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661388889%3At%3AAll%20for%20Counter-Strike%201.6%20hacks%2C%20models%2C%20sprites%2C%20additions%2C%20plug-ins&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f871689fc5d19a320aec37b873ec3dfeafa57a7c1196161e768e500d012b5538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Aug-2022 00:54:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://hacks-cs.clan.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Thu, 25-Aug-2022 00:54:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:51 GMT
last-modified: Thu, 25-Aug-2022 00:54:51 GMT
location: /watch/12507724/1?wmode=7&page-url=http%3A%2F%2Fhacks-cs.clan.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A949%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A569141220498%3Ahid%3A817936867%3Az%3A0%3Ai%3A20220825005448%3Aet%3A1661388888%3Ac%3A1%3Arn%3A6720843%3Arqn%3A1%3Au%3A1661388888318481733%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1661388886891%3Ads%3A192%2C59%2C239%2C59%2C0%2C0%2C%2C408%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661388889%3At%3AAll%20for%20Counter-Strike%201.6%20hacks%2C%20models%2C%20sprites%2C%20additions%2C%20plug-ins&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://hacks-cs.clan.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 25-Aug-2022 00:54:51 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame F0B2 10 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 21:09:44 GMT
etag: 8616628553774171045
expires: Wed, 07 Sep 2022 21:09:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F0B2 4 KB
1 KB 73ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:12:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 00:54:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 00:54:51 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0B2 205 B
229 B 16ms
15ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:19:49 GMT
x-content-type-options: nosniff
age: 2102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Aug 2023 00:19:49 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F0B2 604 B
628 B 17ms
15ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:41:53 GMT
x-content-type-options: nosniff
age: 778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Aug 2023 00:41:53 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame F0B2 19 KB
9 KB 70ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:22:40 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/ Frame 348C 4 KB
1 KB 52ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/index.html

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90c8cda770e2e545306c1dfe6da7ac6bc7b2aeddcd246dc43f4664b3a11e8a00

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1490
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:58:42 GMT
expires: Thu, 24 Aug 2023 13:58:42 GMT
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 155F 23 KB
9 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:01:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 155F 3 KB
1 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:37:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 155F 140 KB
44 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 00:54:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 155F 17 KB
7 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:34:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73F2 143 B
163 B 29ms
26ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 00:11:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 348C 9 KB
3 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 13:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 25 Aug 2022 13:42:57 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 348C 26 KB
10 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 25 Aug 2022 05:09:09 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 348C 236 KB
63 KB 87ms
24ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 00:54:52 GMT

GET
H3 200 336x280.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/ Frame 348C 67 KB
9 KB 24ms
23ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/336x280.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed5bf7c66d20b7a58f2381495a17e9300d3f760a8a391292b1d50c5f93fa4859

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 39587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8869
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:04 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73F2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
19 B

35ms
34ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:52 GMT
expires: Thu, 25 Aug 2022 00:54:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 background_white.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 8 KB
8 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/background_white.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c17ece134a5fe799904749683926dd366ea41a6fb68f0116cf1898469c78d5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8379
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:05 GMT

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 348C 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 06:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 06:15:07 GMT

GET
H3 200 banshee.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 44 KB
44 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/banshee.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7092dcab076f8d23a8607eedf7992f483bccf0942b0cd33048b739c338127db

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45177
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6DC5 8 KB
893 B 58ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:10:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 00:54:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 00:54:52 GMT

GET
H3 200 delayed_impression_vu_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/impression/ Frame 6DC5 17 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd0a1a7809246df79a2925f6eeca126c04d2b40c811cc7ac7486370de3c5d3df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 20:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15509
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7706
x-xss-protection: 0
server: cafe
etag: 12501587712337178964
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Sep 2022 20:36:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6DC5 2 KB
907 B 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:09:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 6DC5 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:01:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6DC5 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:37:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DC5 140 KB
43 KB 56ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 00:54:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 6DC5 17 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:34:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6DC5 0
0 23ms
22ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGM3IBlR6Mez4FTaVvy-S0pwzGfXTwzvuhBt8RoxfJoZdW0LFsGp_JzqmsezO52EZwN6qvPhiH1l7N_SIMcDl-KW8-VA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 6DC5 33 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E327 1 KB
749 B 16ms
16ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 05:32:06 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 05:32:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 4 KB
4 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/border.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ec12244ed94cb36ab7bc54c9fec4bd8658e7f7ad9b89fc552f091ae1f83735

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4025
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:05 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15301512565652617781/ Frame 6DC5 28 KB
28 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15301512565652617781/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3002e86a43f7b25d3419d04bb004867ac14062bbff1b269c314bb86c83f15c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 11:15:19 GMT
x-content-type-options: nosniff
age: 308373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28868
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 10:12:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 21 Aug 2023 11:15:19 GMT

GET
DATA 200
OK truncated
/ Frame 6DC5 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6DC5 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 clouds.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 4 KB
4 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/clouds.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8e7bb6c9ab7b3caf5c199cd272ee4243eb41d488e24066003ce6b1ee2744a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4533
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:05 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:05 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E327 35 B
463 B 60ms
16ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIEBpHK9khKyKEEq4iiFIf4&google_cver=1&google_push=AehlK4BySwmL8F5BEOUoyAawY5-brtDt8E374WSUWesqXwanSAvtwp0kuV6F7uuPW8R9dKU5Lv4FRcxlwm7pxglOU_qNAGVRrs8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E327 43 B
350 B 62ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEASikYhna1gY2AjmsazDO8&google_cver=1&google_push=AehlK4Dd5gbtSroEqICtMIXpPVeYb51YcRVXKXNihli-xfFGI8XVRrX81xo73v7BWVdjkytWe7ZXbg7M44tuvKNaPeRLsToj-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: tmkbtl337g7oa21i2k5pms49a93jccgu

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E327 0
166 B 85ms
21ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMIXaxn9pPs4X28SWPJXy8o&google_cver=1&google_push=AehlK4DD4wU5-sloqx29EgAfoMgufZH7dUD5jFYSUhaCE3xxi_XmoXbGfMweMUdcaavRCnWfQB4H48m3154ayiyMluMIOEr3sbM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E327
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHyDt_hTSth2yvE1I31rVbg&google_cver=1&google_push=AehlK4D0oboJjOBenpOS5K2dDXXz50NzmFR_qigg85Zwp2QObXgJN2Uu9LH-W_V2M3qKiBEEQlA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4QzFVNjYtMjUtNjRQSw==&google_push=AehlK4D0oboJjOBenpOS5K2dDXXz50NzmFR_qigg85Zwp2QObXgJN2Uu9LH-W_V2M3qKiBEEQlATaJD08Q1fdiVYJfT05r6zcQ

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4QzFVNjYtMjUtNjRQSw==&google_push=AehlK4D0oboJjOBenpOS5K2dDXXz50NzmFR_qigg85Zwp2QObXgJN2Uu9LH-W_V2M3qKiBEEQlATaJD08Q1fdiVYJfT05r6zcQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc4QzFVNjYtMjUtNjRQSw==&google_push=AehlK4D0oboJjOBenpOS5K2dDXXz50NzmFR_qigg85Zwp2QObXgJN2Uu9LH-W_V2M3qKiBEEQlATaJD08Q1fdiVYJfT05r6zcQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E327
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4BHtP-po-4bdIAm9nrc7wcuk3gpJD_3X...

170 B
188 B

60ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4BHtP-po-4bdIAm9nrc7wcuk3gpJD_3XIhOoXe8PX7ylZ49ZgZZ7-DPVk9nMJsE5aIR_jvlUe3rVSGA1Nz4EaspARXtI98

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4X6eeADXlKPSY6dCzwQp3ytN1Th5m6tzBMj7si5hXhKEter%2FlRi4jX6fY%2BT5j1JuITYSeIeLdHcf%2Fo0nOIA4APcz33mBm3A6aZ%2BRRsxYnad0X6Dr8tg40wIhX4SY226hFStAA2nKYOls4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENj_hyfAtydlTaiLke-f30E&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4BHtP-po-4bdIAm9nrc7wcuk3gpJD_3XIhOoXe8PX7ylZ49ZgZZ7-DPVk9nMJsE5aIR_jvlUe3rVSGA1Nz4EaspARXtI98
cache-control: no-cache
cf-ray: 74005be21e279247-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame E327 0
44 B 775ms
254ms Image
text/plain 54.64.135.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEPJlbi1DMwMEitFUbos5G7s&google_cver=1&google_push=AehlK4DEyZJLErfLH8ZVZfzkTrBSTF1nFfDNBLpaRMuNyhgXIRMspsdsajHHvXhp1HuDc5eKdLl4z-CvS2Kg5YfOGOphUVY_uqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.135.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-135-73.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
server: awselb/2.0

GET googleredir
googlecm.hit.gemius.pl/ Frame E327 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E327 0
223 B 92ms
23ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kh_xP3-JFHw1DELJszWuf9XKFFJp3iNMNQ_T1hrItCYGACy-LTomhSqycVQJ0COzlpsg5_sA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 kv.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 11 KB
11 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/kv.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

354551f6fb654f3f9276f834f95e8a20271596d12602ed2f52cfb1c841b5af4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11537
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:06 GMT

GET
DATA 200
OK truncated
/ Frame 6DC5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25efcfa56f47684ab2fb7d6ea6c3b5f3f4101ed203c322c315beee001401e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6DC5 28 KB
28 KB 47ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 58208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:44:44 GMT

GET
H3 200 DE_USK.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 21 KB
21 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/DE_USK.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b97e9b443d6525c67e0da8b1f6ca0dae484ae7dd0d1b91defecfb6eed09c6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21204
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:06 GMT

GET
H3 200 shadow.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 11 KB
11 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/shadow.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e19a8e708dcbc47d0945c6967fd01890d6320db36395d9bda43e13617e03d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11719
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:06 GMT

GET
H3 200 sky.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 10 KB
10 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/sky.jpg

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9031d9d04ce40b4a28249df518d85f76fd15809258d29c87066af2eb1ebda831

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10427
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6DC5 0
17 B 62ms
62ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C38-KW8gGY6bMK4KV7_UPyaqk8AflyNrwa4ftovajDtPfvraYDhABIOLTtx9gleKQgqAHoAGs8ri_AcgBCakCUU3B-66YCT6oAwHIA8sEqgSDAk_QF6tD8ySytvRWYCFCQSGF6uElQEoN8vlaqv4BrWs7uNB5fFQGdT7FInhWREk0H4-0WkWjt4RDSfnN6ZALl6nUZBY2z9H4gCDU6PhwqSHEoKIhNxKpUEjGzR6RgT_y3jKAYfEZRN30Nx0j33AH4nQcHk7N4e0ymzEuZanKHKi5VmpFpTM_SwaZWpaZtErzNUQ1Vkw7a51eeophLmCrtwtvLPZAzIJIru01y_iJTe-pSHKSQ4ID_EFiEAIPxRF-p3tUXh3Sd469IUQDSmxLmq4j4Au5swlV9PfIXPUpjAlird4G4VjgdxGdWtKU564yXAbipbcoruFJ0G0v7VYDVtKUqTnABKG38vXGA5IFBAgEGAGSBQQIBRgEoAYugAe8jcfAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP66AtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTQyNjQ5OTk4ODIyMzk5MDgYAA&sigh=GPN22jtUYws&uach_m=[UACH]&template_id=5000&cbvp=2&vis=1

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=1579747039&pi=t.aa~a.2291565324~i.11~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=1&bdt=1119&idt=1&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0%2C1082x280&nras=3&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1644&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=WXQommqWQN&p=http%3A//hacks-cs.clan.su&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 00:54:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DBB 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 06:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 06:15:07 GMT

GET
H3 200 tower.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/ Frame 348C 21 KB
21 KB 17ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2665828658689668853/336x280/images/tower.png

Requested by

Host: hacks-cs.clan.su
URL: http://hacks-cs.clan.su/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43f9002c8e1a1f10ca2370f1b122c144f0cd2321683c17dd1d9da859f81b4c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 39586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21828
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 13:19:28 GMT
server: sffe
date: Wed, 24 Aug 2022 13:55:06 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 13:55:06 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame 5AFF 7 KB
2 KB 16ms
16ms Document
text/html 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

1d5d4a3d491d72214945792be081b07dc744bd7a67421f7e571aec699589ae4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80239
content-encoding: gzip
content-length: 2090
content-type: text/html
date: Wed, 24 Aug 2022 02:37:33 GMT
etag: W/"62bdf287-1ade"
last-modified: Thu, 30 Jun 2022 18:59:19 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id: EHqBgAprzIs8vFKsfBnOR1dyjZRj1wQcotiK0KTak_wc_ENGPFCiIQ==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 st.da2f6a88d7bfe891c2a6f4578518e3f4.js Show response
ws.sharethis.com/secure/js/ Frame 5AFF 148 KB
38 KB 18ms
18ms Script
application/javascript 2600:9000:20eb:e600:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/js/st.da2f6a88d7bfe891c2a6f4578518e3f4.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

fb0058690392ce74e443d304e2f2c81a70ca36eb25e0dfb1cadada9315074049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 4771429
etag: W/"62bdf287-24e3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-amz-cf-id: TrTVyqvRFWDuPiaQb57bGcGZU4sZZC2HmJyd3iTmJvz7rsT7iK_2tA==
expires: Fri, 30 Jun 2023 19:31:03 GMT

GET
H3 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame 864E 10 KB
4 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:43:50 GMT

GET
H3 200 120dba6b59d2f966bd44cf141203e8a0.js Show response
www.gstatic.com/mysidia/ Frame 864E 150 KB
56 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57108
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 23:01:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 864E 6 KB
916 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb5b671ae37248c1f6efc99b1b671eae1026344cf7ba799fd7e07764f1ab2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:31:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 00:54:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 00:54:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 864E 2 KB
907 B 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:09:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 864E 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:01:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 864E 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:37:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 864E 140 KB
43 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 00:54:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 864E 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 00:34:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 864E 0
0 24ms
23ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPNBqboPQY_vF_cEkpVy-T3QwIQ2rUJkmipnKe1oULH8fcu7dwR6bHhGP2a0wYe-4ix-qrZEww5MOqIk3KSez-EWoezw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 864E 33 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 864E 52 KB
53 KB 70ms
17ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSVQ1sXKVCmt-ikiiWW7-7JM3ae3miFDilQ_Il0TjjDpl0Z9hCj5OoIvQQbVA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9969ac385012ee49a827fda4307dc7ab022c803791a8f1c913dc4b0fdc298ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 11:34:01 GMT
x-content-type-options: nosniff
age: 48051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53258
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 11:11:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Aug 2023 11:34:01 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 864E 46 KB
47 KB 58ms
16ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS1Ueyg_7wsQN2uER2BemGoT5u9-MsOWlojnZaqiqaKSYUDuyUY&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511a04cbdd7e4a57a780e27766d2afe47e25aeb167e7104e8f4ea879a31c90c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:52 GMT
x-content-type-options: nosniff
age: 289500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47482
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 18:10:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 16:29:52 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 864E 52 KB
52 KB 83ms
30ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS3Q3DKH6WvGsHKqrFXtEfzfMVMGt4aix_H9hFDHEN0zDdh9yo&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b928bec36fa36391aea12a1bd2aa1e1c66b244c897fdeed94ecce25684f648e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 05:26:12 GMT
x-content-type-options: nosniff
age: 156520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52917
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 11:11:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 23 Aug 2023 05:26:12 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 864E 25 KB
25 KB 58ms
16ms Image
image/jpeg 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQUiJf4uLSqY8cWQjBdvig1aVMgQnlZKxgzRrtscIWWYCOSLSIRT-PQXhP3XZE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a411d92128c5beacc8a86601898ee66fbcb040213dae1a2ee710fc07caf417fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 06:13:14 GMT
x-content-type-options: nosniff
age: 499298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25210
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 07:26:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 06:13:14 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 864E 16 KB
16 KB 86ms
33ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSOy-jcYPQNzp9yjToIcBO4HWtJGRFlwsleg6dK-AeefrOPGfg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

254eb0796ad5784f764e0278cf8d7cb8181a65eafca21bedcbd315575694c5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:47:31 GMT
x-content-type-options: nosniff
age: 403641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16389
x-xss-protection: 0
last-modified: Sat, 12 Feb 2022 22:05:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 08:47:31 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 864E 20 KB
21 KB 69ms
16ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTwAGbnQSbvmLUJw3XLpQl5swkz3VfgP3GH4OIEHhwU8lS0wIQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73cabc9b5ff8a25d386b4ce1e5af97e237fc8c1dddefbb3f8ebb8e809d6d93ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 20:47:56 GMT
x-content-type-options: nosniff
age: 446816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20695
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 23:21:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 20:47:56 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 864E 0
327 B 376ms
22ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~l78c1rgx&c=3188494524657&slotId=1594247262328.5&qqid=CIih5fXj4PkCFVRN5Qod1iUPgg&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

11780843361182657146
tpc.googlesyndication.com/simgad/ Frame 864E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEvJ7JFhCwCRj0BDIIb01YwFEWIjI
https://tpc.googlesyndication.com/simgad/11780843361182657146

889 KB
889 KB

17ms
17ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11780843361182657146

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcdaf7895b1d44f00bd6f6014faa1fb7e88292c374a19f0aac9bcd950d3397ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 18:27:23 GMT
x-content-type-options: nosniff
age: 109649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910082
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 09:40:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Aug 2023 18:27:23 GMT

Redirect headers

date: Wed, 24 Aug 2022 19:02:40 GMT
x-content-type-options: nosniff
server: cafe
age: 21132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/11780843361182657146
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Sep 2022 19:02:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 864E 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG625W8gGY8iHK9SalQfWy7yQCM_Bg_1r5dfgjJQQl-KE-9gPEAEg4tO3H2CV4pCCoAegAb_p1swDyAEJqQJ4bn74usazPqgDAcgDywSqBIICT9CC_3sp3KRsqezExC09J1mwNKscGhdnzY65eWUeKUuGrvIBxQBBxjiRM1HrTO6hT0D7nnvwkZXsYFrw4JUU55iXiWvp_GOrEe4HMW_61xUbnX8PIgBrJwfAuYjL0ohkJ_PfI4uPLqhgMUCFqTqp91Vvk0mHMfTM01gDIQihIwtyemicdWfyPVbMjKyKLwMfe1OTHJQSvozpYEO1BAA9rlg0XYo3fZg9m4cu4Ptr8ecTH0lt_ngiyKQH7S1Pda0Ld2kTahcdcACVQKBp8ThTECl9CIDh0HTki1Dkq7TYJtEeYaywNRel1Ld-fUBcxzgruARR5gcOVpE8G9rNuuYQIFt5wASbnu67iASSBQQIBBgBkgUECAUYBKAGLoAHveKr4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ6qMc0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw7QFQGAFwGyFxwKGggAEhRwdWItNDI2NDk5OTg4MjIzOTkwOBgA&sigh=BijLzxvyPuQ&uach_m=[UACH]&template_id=499

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Aug 2022 00:54:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6E21 1 KB
749 B 16ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 05:32:06 GMT
etag: 48472445140208031
expires: Thu, 25 Aug 2022 05:32:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 864E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b968d1d57f84a1583f7433d7c328764b97aafdf627a876678007f7819b0daaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

206

videoplayback
r4---sn-4g5ednde.gvt1.com/ Frame 864E
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=cb6ef9df0e500183&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1661396092&sparams=ip,ipbits,expire,id,...
https://r4---sn-4g5ednde.gvt1.com/videoplayback?id=cb6ef9df0e500183&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661396092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

66ms
15ms

Media
video/mp4

2a00:1450:4001:17::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednde.gvt1.com/videoplayback?id=cb6ef9df0e500183&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661396092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4D9C49EC1C3BDF36948AD77DE7B31086E01AE415.8455FB83916C4C9D541CF8994DBD4289CFD7C961&key=cms1&cms_redirect=yes&mh=h_&mip=2001:ac8:20:301::201e&mm=28&mn=sn-4g5ednde&ms=nvh&mt=1661388575&mv=u&mvi=4&pl=53

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Server

2a00:1450:4001:17::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

08f9265c1c9763ed4b5494db6cab736b1020e5e85bdb91925212872de2e3ae6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 20:54:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1153711/1153712
client-protocol: quic
cache-control: private, max-age=6900
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1153712
expires: Thu, 25 Aug 2022 00:54:52 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5ednde.gvt1.com/videoplayback?id=cb6ef9df0e500183&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1661396092&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4D9C49EC1C3BDF36948AD77DE7B31086E01AE415.8455FB83916C4C9D541CF8994DBD4289CFD7C961&key=cms1&cms_redirect=yes&mh=h_&mip=2001:ac8:20:301::201e&mm=28&mn=sn-4g5ednde&ms=nvh&mt=1661388575&mv=u&mvi=4&pl=53
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E21
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBUdICOwrRlvyMqGc6hj_R0&google_cver=1&google_push=AehlK4CCdsOfUF-aAXoTP70vDKgf4-pYC1hW93W0lCdAHokOnahaChuxPH...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CCdsOfUF-aAXoTP70vDKgf4-pYC1hW93W0lCdAHokOnahaChuxPHCHd_rEzMI71TwCCSmEl5OQJU_9TfPDldH8Yz3ZM40&google_hm=OuoLfbn8ZtLfj...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CCdsOfUF-aAXoTP70vDKgf4-pYC1hW93W0lCdAHokOnahaChuxPHCHd_rEzMI71TwCCSmEl5OQJU_9TfPDldH8Yz3ZM40&google_hm=OuoLfbn8ZtLfjxAsxNJHig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CCdsOfUF-aAXoTP70vDKgf4-pYC1hW93W0lCdAHokOnahaChuxPHCHd_rEzMI71TwCCSmEl5OQJU_9TfPDldH8Yz3ZM40&google_hm=OuoLfbn8ZtLfjxAsxNJHig
pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E21
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CCRD926zWbKYmmWS07xdmkqARquaxhSLG2zyd...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdiSVhBQUFBRzdFd1JCOQ&google_push=AehlK4CCRD926zWbKYmmWS07xdmkqARquaxhSLG2zyddNXL9umbziOhTEiuzwMWh2E0ey0eZe8nC_C95c1HGsD5X2AO7Nr_uNGZI

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdiSVhBQUFBRzdFd1JCOQ&google_push=AehlK4CCRD926zWbKYmmWS07xdmkqARquaxhSLG2zyddNXL9umbziOhTEiuzwMWh2E0ey0eZe8nC_C95c1HGsD5X2AO7Nr_uNGZI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdiSVhBQUFBRzdFd1JCOQ&google_push=AehlK4CCRD926zWbKYmmWS07xdmkqARquaxhSLG2zyddNXL9umbziOhTEiuzwMWh2E0ey0eZe8nC_C95c1HGsD5X2AO7Nr_uNGZI
Date: Thu, 25 Aug 2022 00:54:52 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E21
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK7TrG6QMUa5gZ9RcCDljP8&google_cver=1&google_push=AehlK4BWz8evflKX11V_1VvMz0tTK7BeVaLhrLrpcsQKod828USuNY8EQ-0ZTkBH_zdO0WietccFtAQAA_PWlzJT-gUb3c9-tTk
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BWz8evflKX11V_1VvMz0tTK7BeVaLhrLrpcsQKod828USuNY8EQ-0ZTkBH_zdO0WietccFtAQAA_PWlzJT-gUb3c9-tTk&google_hm=Q0FFU0VLN1RyRzZRTVVhNW...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BWz8evflKX11V_1VvMz0tTK7BeVaLhrLrpcsQKod828USuNY8EQ-0ZTkBH_zdO0WietccFtAQAA_PWlzJT-gUb3c9-tTk&google_hm=Q0FFU0VLN1RyRzZRTVVhNWdaOVJjQ0RsalA4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 00:54:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BWz8evflKX11V_1VvMz0tTK7BeVaLhrLrpcsQKod828USuNY8EQ-0ZTkBH_zdO0WietccFtAQAA_PWlzJT-gUb3c9-tTk&google_hm=Q0FFU0VLN1RyRzZRTVVhNWdaOVJjQ0RsalA4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 6E21 43 B
64 B 45ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAziUzYRf0rriGPS2wl2j6M&google_cver=1&google_push=AehlK4BQhEWJ6YXvp0VrpRb6STE89EZtSd7es28Ng73ctaUusnj9CzL3Sbsq-wufsaOPe9SPOr--wqxms3Pvc0W7VinmEhstZS4N
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ugbiunifik7943n9s4qae7dk2f1g43dl

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6E21 0
41 B 27ms
21ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIzG7CS75IvoxN8TtgUbsFY&google_cver=1&google_push=AehlK4DHFOBhbrd-JuATSHVkt8rhEcjCpdSwLBbXkXRqM8QbiIZeWCNAUBNHA2TMrLUDk4hLurWlMhpZQNR1A3f-fH9StTsf4EeX
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E21
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECdyECq6Vs2N0rGjiP77-Ck&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdyECq6Vs2N0rGjiP77-Ck&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4CCts4nMlBKqD7ZsiUdBXu8lZXt-vnmg...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdyECq6Vs2N0rGjiP77-Ck&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4CCts4nMlBKqD7ZsiUdBXu8lZXt-vnmgLEvpnC7YDhTHgRJqjUdidplaICkERV-2GbtboSYZ6bwPTVdm32cmeFoPkAX8O4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QislPm1LlfhVoDyCZQ9NRZUS%2Fw0XRoY0fJs3z7HwXrLs56kYInPcYPwt9uEGS%2FrC2Bk1y3MD%2BOKkqjBDIPg0cV02pJfv2IzXbrGgz4hyrXX%2F8jPWIOaYZfVRNVm4sG%2BwshRb7AU2scw1bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECdyECq6Vs2N0rGjiP77-Ck&google_hm=YwbIXBKObEPEHL5czgVgewAAFBYAAAIB&google_nid=index&google_push=AehlK4CCts4nMlBKqD7ZsiUdBXu8lZXt-vnmgLEvpnC7YDhTHgRJqjUdidplaICkERV-2GbtboSYZ6bwPTVdm32cmeFoPkAX8O4
cache-control: no-cache
cf-ray: 74005be33f0c9247-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 6E21 0
43 B 400ms
255ms Image
text/plain 54.64.135.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEDNlTl9EO9nlQZHVZwAR8nE&google_cver=1&google_push=AehlK4BlDvswz1rLktYRsFrYgY0XmiWwGHbvRvqGQGbCj_L8-qK1B23Xy1LQmuSKIsR7kKU7VIqXzMPpQqdworwQocYKnNIKI8I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.135.73 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-135-73.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
server: awselb/2.0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6E21 0
12 B 27ms
23ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IdQ8hF7KPgNLdqC5uyXDV1tmcgpJBLCvXKhjgXhPmCluKe0C6WMz8PuaJXxd8lotj8b-WQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 864E 20 KB
20 KB 21ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 96072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 22:13:40 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 864E 17 KB
17 KB 19ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 20:10:26 GMT
x-content-type-options: nosniff
age: 17066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:10:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 79ms
42ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4f6a10148be2b37e7f5338ad0181186622db297a939a5ffaea5524176e3e975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11125
x-xss-protection: 0

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 21E4 36 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4264999882239908&output=html&h=280&adk=837844183&adf=179568953&pi=t.aa~a.2291565324~i.7~rp.1&w=1082&fwrn=4&fwrnh=100&lmt=1440521943&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7532087805&psa=0&ad_type=text_image&format=1082x280&url=http%3A%2F%2Fhacks-cs.clan.su%2F&fwr=0&pra=3&rh=200&rw=1082&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1661388888510&bpp=3&bdt=1119&idt=-M&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08ce1cf0cbf65065-22a1834404ce001f%3AT%3D1661388891%3ART%3D1661388891%3AS%3DALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg&prev_fmts=0x0&nras=2&correlator=4221951986018&frm=20&pv=1&ga_vid=1352617971.1661388888&ga_sid=1661388888&ga_hid=1603539292&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=259&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066428%2C31064019&oid=2&pvsid=4033593874821120&tmod=926306480&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FqRiGhfCrZ&p=http%3A//hacks-cs.clan.su&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 06:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 06:15:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 00:54:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 46FA 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 21:49:36 GMT
expires: Thu, 24 Aug 2023 21:49:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D00F 783 B
536 B 26ms
26ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94d70d32a72c06784d197d82ff14c4872e773416088244587d3bb62965259955

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6d5I_Pqe-vMxAHxkXjmiZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hacks-cs.clan.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6d5I_Pqe-vMxAHxkXjmiZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 00:54:52 GMT
expires: Thu, 25 Aug 2022 00:54:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 46FA 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 06:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 06:15:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D00F 0
0 50ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=4033593874821120&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 46FA 0
12 B 15ms
15ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KbGOWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 00:54:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=4033593874821120&bg=!CQqlCk7NAAYUOm8VNDo7ACkAdvg8WsHarldshnz5QRFkQrtOFT18NiKT44CxtHawrrg0kMl2nWyXcgIAAACGUgAAAAZoAQeZAs1HQDm1h9ujpzZmncw8O9ECdxeZRyqg2yO8_8tDUqYP2MfSjvWB6jOeN_equ_CrRlAKLWx7wazyoM_esAYlloetu_2STScwMItBYYZMetgP0ZOvGq0JWTmUD99lKgUdG4QJE_Y3sCuW2Ok4FlM6v7hiZQG8m53dhh6dBeEW5k8DgrtdU5cjB4LSZxh9WKeW0rwjgkUTDMZ6-mPN3dxKv21LZaDbiwwFie4qBiAFWPTFEkcDXDJvYHvRiv_Z1K09mO2qyAYbZzdkh-IXMHbnom6rR1e0uxqsSGxQ7zwU0RVGurBI56iw4ltaYRVbY2YPiwaBsS1-Rzj1_c0BQOAUFgciubPmf-zO5T-VdKe-nOjhQUtiiBIVLQZW5ou9qZNfmxFzhfFtHBMsnV9GxIPu0FuHkEBSkNrLTa3Bw9SX5eMq1bqZGUtMamUkSVGy_-OkCcN1Ftr1c4fDkMCvqJV0ZAha3ibdIzPjFBcPELcrbHwkPkz72c7G588qcbqNjo7g2Z3kI7x9OKrb05aVvHvBh3a6Mviw1UM5Kls9Bcp3zt_ZIwK5Zg0oSy7R2OVrcrlSpb6aZcSf0Ys7GnXg0AppuhhJ5cWz3iN_N7Z1aWy6KDkpMH4zTmq0-5bjQo6eS4PDlE4AOozCQhJcpBsOpRHFYbc-7QmAaLzGfhF1YMj5mdAPb_gNy8PcV_3QelserjOJEZXJXqBObNNy-tjzcAgS1AQ0_b4kbwNTK64UhgV4nD1SrkqAI4Viyi81FoR8UR7bopVDJVEPaDluhgr4iueFbRQwMv8a5Uvm2yhL2lG4T1EUc5_rxLP5FJKFxOpTWGo5xC8WYkV_tUCshk-bc7GlsYOCpBHsHDI4ZLQgmQJ-5g_M5VVnl-Yx4OCKHvOBeNGqDTVeLajL39SCLCs-VOzmTC7kzIn2TGQmKrw_-5mL5P7ySmp_su3PswyoCVbjWFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hacks-cs.clan.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 864E 0
54 B 325ms
23ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~l78c1rhd&c=3188494524657&slotId=1594247262328.5&qqid=CIih5fXj4PkCFVRN5Qod1iUPgg&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 00:54:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: undefined
URL: https://undefined/sync_cookie_image_check

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHVCXrK-C6zy6DAXtcHuZXo&google_cver=1&google_push=AehlK4AMM5Wpouw8GV2nmf0ZpBpzM1bEzGeVtHMbRvgeW8lVTbC97NQIjcchUpIsOnsuw1Dp0v4ZtCjElc0jhv3TZDhiIAwMotw

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hacks-cs.clan.su/	1970-01-20 14:15:24	Name: 6hacks-csuzll Value: 1661388891
.clan.su/	1970-01-20 14:15:24	Name: ucvid Value: l7ehC0Igji
.clan.su/	1970-01-20 15:05:48	Name: _ga Value: GA1.2.1352617971.1661388888
.clan.su/	1970-01-20 05:31:15	Name: _gid Value: GA1.2.563601876.1661388888
.clan.su/	1970-01-20 05:29:48	Name: _gat Value: 1
.yadro.ru/	1970-01-20 14:15:10	Name: FTID Value: 1Z1iXR2ZwQeO1Z1iXR003L_f
.yadro.ru/	1970-01-20 14:15:10	Name: VID Value: 2bOa4e1Dg1uO1Z1iXR003M00
.clan.su/	1970-01-20 14:51:24	Name: __gads Value: ID=08ce1cf0cbf65065-22a1834404ce001f:T=1661388891:RT=1661388891:S=ALNI_MbejBHK_3Z3-Q78VWiSw8avuc7aVg
.clan.su/	1970-01-20 14:15:24	Name: _ym_uid Value: 1661388888318481733
.clan.su/	1970-01-20 14:15:24	Name: _ym_d Value: 1661388888
.mc.yandex.com/	1970-01-20 05:29:49	Name: sync_cookie_csrf Value: 1253086292fake
.clan.su/	1970-01-20 05:31:00	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 05:29:49	Name: sync_cookie_csrf Value: 1499734040fake
.yandex.com/	1970-01-20 14:15:24	Name: yandexuid Value: 1226938171661388891
.yandex.com/	1970-01-20 14:15:24	Name: yuidss Value: 1226938171661388891
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 425634051661388891
.yandex.com/	1970-01-20 15:05:48	Name: i Value: s9f/3L63N1BDCHojBF/oXgLCXpI3cq5SODXBO9p/8ZBqinxL8KpyvDIuK4GVZt9oe2QKa9YWCvFtQAyPElZze1o9PYs=
.yandex.com/	1970-01-20 14:15:24	Name: ymex Value: 1692924891.yrts.1661388891#1692924891.yrtsi.1661388891
.clan.su/	1970-01-20 05:29:50	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 05:29:52	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 07:39:24	Name: d Value: EEYBCQH4JoEA
.quantserve.com/	1970-01-20 15:00:03	Name: mc Value: 6306c85c-52601-2aa35-577d4
.casalemedia.com/	1970-01-20 14:15:24	Name: CMID Value: YwbIXBKObEPEHL5czgVgewAA
.casalemedia.com/	1970-01-20 07:39:24	Name: CMPS Value: 5142
.casalemedia.com/	1970-01-20 07:39:24	Name: CMPRO Value: 5142
.doubleclick.net/	1970-01-20 14:51:24	Name: IDE Value: AHWqTUnuPpdHm8UcjLXsGbp8HXm18JGkEPNVmqRsWK5bL1McW94GsQj5TSa70S3bCKw
.casalemedia.com/	1970-01-20 07:39:24	Name: CMTS Value: 5175
.agkn.com/	1970-01-20 14:15:24	Name: ab Value: 0001%3AQLs17GbO68Z5eQzD3uppFHgZ5av5kn9K
.agkn.com/	1970-01-20 14:15:24	Name: u Value: C\|0CEAqmYTcKpmE3AAAAAAAAQ13AQCAAQpAAAAAAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://undefined/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9740.GpeTkVANM4bvgtLkOjShvmDXPKKSM9gGLTU4OeVKXUGU3x3oV8dEBKMEjn7kYfrN1XNHlEftouMUWOWfeDxk0g%2C%2C.kO6RpcWl3WYR2PWV1gOV2VR27GM%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHVCXrK-C6zy6DAXtcHuZXo&google_cver=1&google_push=AehlK4AMM5Wpouw8GV2nmf0ZpBpzM1bEzGeVtHMbRvgeW8lVTbC97NQIjcchUpIsOnsuw1Dp0v4ZtCjElc0jhv3TZDhiIAwMotw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
count-server.sharethis.com
counter.yadro.ru
csi.gstatic.com
d.agkn.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hacks-cs.clan.su
image6.pubmatic.com
l.sharethis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
r4---sn-4g5ednde.gvt1.com
redirector.gvt1.com
rtb.openx.net
s0.2mdn.net
s56.ucoz.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
undefined
w.sharethis.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
undefined
104.18.19.126
13.225.78.113
142.250.186.34
172.217.16.194
193.109.246.56
198.47.127.19
216.239.32.3
2600:9000:20eb:e600:3:c04e:c780:93a1
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:17::9
2a00:1450:4001:802::200e
2a00:1450:4001:803::2006
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9c
2a02:6b8::1:119
3.66.43.43
35.157.16.92
35.186.253.211
52.214.225.206
54.64.135.73
69.173.158.64
88.212.202.52
00d539b167c6805bcec496ff143b590151d665cc343e7526aa1a150cc380ba26
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
069a61a69c589b4d899af4a3a199e6f9f0ba8fa2cd68610596ea69429c835909
08f9265c1c9763ed4b5494db6cab736b1020e5e85bdb91925212872de2e3ae6a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09ff2940e61c9c8343439bc6ffac5effde108cf4957a387aa8168f19ce323906
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993
10ad65fee3c7f0fc6a2122915ac606daf88347db9f6173aa67e3457598665677
12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74
1363b2bf9e1bb77bdc264ab122846122aaf4fde6586fd79bb6d84b2619a26548
1374fbfdc3c939ad8ddddcd1bc2a88d218dc24ace4d297f7ff1c5a3b58b31d65
163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d5d4a3d491d72214945792be081b07dc744bd7a67421f7e571aec699589ae4f
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
254eb0796ad5784f764e0278cf8d7cb8181a65eafca21bedcbd315575694c5ab
267ba0efdd60da848c140290065018f06eae29cd6153f2a79ba607cb94e2df26
2de522f6dd550d90f8a6b559cfcd01644f13d17cb38dc4f553a39f91cd75a733
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3002e86a43f7b25d3419d04bb004867ac14062bbff1b269c314bb86c83f15c09
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
354551f6fb654f3f9276f834f95e8a20271596d12602ed2f52cfb1c841b5af4e
369e1fbbd6a79ff1362bc00de6cc4789b6bd2c087d91811128c956ec2be4a9ce
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
38d934ce29373a05d2b997a89e2c5de885a7cf0571318479f46266d2dd158ddd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb5b671ae37248c1f6efc99b1b671eae1026344cf7ba799fd7e07764f1ab2c4
3f84fb7f091f3e571a1b1f4455ed1c446bb76074df654301fcacf0052b8d7ab9
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
41c17ece134a5fe799904749683926dd366ea41a6fb68f0116cf1898469c78d5
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47c1ac2e88d06479a7bda88be7c0c01bf368aaa0bed4d894e6c2c179b0ce6357
48c2824de2d4f39a04e3c843a4ebef7292fcc343c3be4db48730f534d1df3b3b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511a04cbdd7e4a57a780e27766d2afe47e25aeb167e7104e8f4ea879a31c90c7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54df1caa2a12d0822eecd168f9bf0df07584d4d10b7600be9dfae56986e0d775
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b7385d5d94a04b36543b68a5079a220ef00c0dd4f114b6390a9d9c9fa9eb96
56c6448c03e914d41abbdd7e515e74dd1da2beba37998d75b82af874882ffcbb
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8
5a7df20c1d6253065e7b3211c4c2e796c501928bf6f114ecf058a5b4af9fa868
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a08cf08deb9d3dc5c799b61c582d00bb9357e95dd740d21135c6197ce30d972
6a8ed97c402fa4b16cbbce0b956ce42243aa35615bf1689a1d921ba50bb9b585
73cabc9b5ff8a25d386b4ce1e5af97e237fc8c1dddefbb3f8ebb8e809d6d93ff
748718063bc84d056b5d0cf947b83aa71d7dbef7358d6ec62eab82c2f3881a1a
7b968d1d57f84a1583f7433d7c328764b97aafdf627a876678007f7819b0daaf
80ec12244ed94cb36ab7bc54c9fec4bd8658e7f7ad9b89fc552f091ae1f83735
819989bfc9d96a03619925c1d5f29901f845ac59aee03b4b91da3aac92f383bb
83835421533bee3fdcb7df6cba43427f8a0814ce6421b94fa02086f9d8b3f1cb
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
844a645839690cf04b74a1842534ffbd45a230f7536b3d3eb23d9bc7d3fdcae4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85216269dec9157d00e11e9563b5a43f7535d1ed873f3ef09861fd1c46bd5596
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b50a936d15da38023bc038153263432b45a86a07a8afee72ff28032f55e3efc
8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e
9031d9d04ce40b4a28249df518d85f76fd15809258d29c87066af2eb1ebda831
90c8cda770e2e545306c1dfe6da7ac6bc7b2aeddcd246dc43f4664b3a11e8a00
94d70d32a72c06784d197d82ff14c4872e773416088244587d3bb62965259955
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9777513b1dee8fbb0942cc13160510ff06cd1e868bd5dd24d060930871443ce6
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99584f816df6714b39895e4032ede0c137cd7fd764abbb64845f25848ccc0565
9969ac385012ee49a827fda4307dc7ab022c803791a8f1c913dc4b0fdc298ffb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ada43b5a7e762ee710ef276df573804ce850d5a3b526567163fc50e7f146387
9f90cd45cd7eb0d51099c9aa31b508a688ba578817e227e421183c36e6526cfa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a411d92128c5beacc8a86601898ee66fbcb040213dae1a2ee710fc07caf417fb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d
a7251097afbc7a7ed08c618f7b56b27562496792fa0a41dadb42d46cf3b0815b
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf
aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1532fbb9c546fdee5b45583c446f24f089035298f95f4ad2ac166d5f1eb8a2e
b429a2de9dc7b091cb845285fab32e6004b12b5fbdcd66e43e9d34cba5b9e0a3
b44d93b54325270b63927f2432251bb40a26ed6333fa0633c73d1f236a3dcb59
b928bec36fa36391aea12a1bd2aa1e1c66b244c897fdeed94ecce25684f648e0
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
baa35de5207d4ccb2abf99d56d9cef0cf9357f70b2fb5c973f155a6fb84e9756
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd25efcfa56f47684ab2fb7d6ea6c3b5f3f4101ed203c322c315beee001401e7
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cd0a1a7809246df79a2925f6eeca126c04d2b40c811cc7ac7486370de3c5d3df
ce5245097ea91236e3e596f428257d5ad1d24c8fe401481c4cb930550f898748
d43f9002c8e1a1f10ca2370f1b122c144f0cd2321683c17dd1d9da859f81b4c4
d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d86a45d5a80c9e55b43d02ce486d319ca586b1803a39bff2b1a83bf955b637ab
dcdaf7895b1d44f00bd6f6014faa1fb7e88292c374a19f0aac9bcd950d3397ca
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e1e19a8e708dcbc47d0945c6967fd01890d6320db36395d9bda43e13617e03d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7092dcab076f8d23a8607eedf7992f483bccf0942b0cd33048b739c338127db
eb2476907f027bd6dcf4f61cecffcd85dd4aaf66ee6615d32fba5359615edad7
ed132c64c4008f3048414bf8506edd464a95035f4552c6452e4f2671f1c1ab9f
ed5bf7c66d20b7a58f2381495a17e9300d3f760a8a391292b1d50c5f93fa4859
ee8e7bb6c9ab7b3caf5c199cd272ee4243eb41d488e24066003ce6b1ee2744a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4f6a10148be2b37e7f5338ad0181186622db297a939a5ffaea5524176e3e975
f5d62b58ed22f77bea1a87ce4e204e2b213459746f74ee5e0be91f22851420cf
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
f871689fc5d19a320aec37b873ec3dfeafa57a7c1196161e768e500d012b5538
f8b97e9b443d6525c67e0da8b1f6ca0dae484ae7dd0d1b91defecfb6eed09c6a
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fb0058690392ce74e443d304e2f2c81a70ca36eb25e0dfb1cadada9315074049
fd3c957450fb812f2602142c290bb8d3a252e72afef3304c081661784d9026bd
fe79402e07d090990a1ecbc24021144e39d216443a2d5a5cdac18300cb841e06
ff1edbcd84b99674d59e0338a2f72eb0250835a25370fa2ceaf00c025d530354

hacks-cs.clan.su Open in urlscan Pro 193.109.246.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

175 Requests

69 %HTTPS

60 %IPv6

27 Domains

42 Subdomains

32 IPs

8 Countries

4371 kBTransfer

7747 kBSize

29 Cookies

1 Outgoing links

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hacks-cs.clan.su Open in urlscan Pro
193.109.246.56 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

69 %
HTTPS

60 %
IPv6

27
Domains

42
Subdomains

32
IPs

8
Countries

4371 kB
Transfer

7747 kB
Size

29
Cookies

175 HTTP transactions
6 data transactions