urlscan.io logo urlscan.io
SecurityTrails logo

agatha-paris.ru Open in urlscan Pro
91.142.86.15  Public Scan

Go To Rescan Add Verdict Report
URL: http://agatha-paris.ru/
Submission: On May 24 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 19 domains to perform 85 HTTP transactions. The main IP is 91.142.86.15, located in St Petersburg, Russian Federation and belongs to MIRAN-AS Miran DC, RU. The main domain is agatha-paris.ru.
This is the only time agatha-paris.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    91.142.86.15 (St Petersburg, Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: free.miran.ru
agatha-paris.ru
10    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.fr
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
adservice.google.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
4    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
7    104.102.29.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
24    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
103 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284
50 KB
15 agatha-paris.ru
agatha-paris.ru
343 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
277 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
6 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3290
52 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
3 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
671 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 612
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1524
581 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
569 B
2 gstatic.com
fonts.gstatic.com
44 KB
2 google.fr
adservice.google.fr — Cisco Umbrella Rank: 26188
914 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
460 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1128
464 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 789
647 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
85 19
Domain Requested by
24 s0.2mdn.net agatha-paris.ru
s0.2mdn.net
15 agatha-paris.ru agatha-paris.ru
10 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
10 pagead2.googlesyndication.com agatha-paris.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4 mc.yandex.ru 1 redirects agatha-paris.ru
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net agatha-paris.ru
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 id.rlcdn.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.fr pagead2.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.google.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com agatha-paris.ru
1 partner.googleadservices.com pagead2.googlesyndication.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
85 24

This site contains links to these domains. Also see Links.

Domain
wordpress.org
nalam.awesomebootstrap.net
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh

This page contains 8 frames:

Primary Page: http://agatha-paris.ru/
Frame ID: 6ADD9FEF1B5BEADE7E5312AE9ED5BB20
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: C3CE452F239D5E605A897549E2C68573
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9212172011957154&output=html&adk=1812271804&adf=3025194257&lmt=1653376430&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fagatha-paris.ru%2F&ea=0&pra=5&wgl=1&dt=1653376429862&bpp=2&bdt=189&idt=189&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: D4D23F2F502AE9086AA56654A456CADB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Frame ID: 6C9B293AFE2F2DD658C37F0653D3368B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGKOegsEBMAE&v=APEucNU0Qsot_bpX6aRBdIOXicU3KYHFgMTwSSr5ELta7CHSzugsm9UZ-hKmHL9j0Cd-FiakXwAgF-AWcGPWTNqDc2ze-YfGfCAVDNAzXAnNHbkeXlvuap_JVW7uRAazfKxTcEKMEaqWX2a6U-vOkaFhzgPiI_TcQyjJRQrkDsjLRVLowz47BkQ
Frame ID: 07C8AC00AF4707D1C50F0B477EC37DED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A628D9E0A1084B34FBDF120184338EB3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EDB099541E7BB06B67CABF895E50852D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Frame ID: 9E98BEA928D93DDDEDD343C0A48AB148
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Isolation sous toiture garage

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

85
Requests

69 %
HTTPS

52 %
IPv6

19
Domains

24
Subdomains

18
IPs

5
Countries

916 kB
Transfer

1828 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://mc.yandex.ru/watch/47832843?wmode=7&page-url=http%3A%2F%2Fagatha-paris.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A11959%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1117010041549%3Ahid%3A368555852%3Az%3A0%3Ai%3A20220524071400%3Aet%3A1653376441%3Ac%3A1%3Arn%3A175280106%3Arqn%3A1%3Au%3A1653376441769423716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653376428111%3Ads%3A28%2C72%2C1460%2C1882%2C0%2C0%2C%2C8545%2C2%2C%2C%2C%2C11988%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653376441%3At%3AIsolation%20sous%20toiture%20garage&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/47832843/1?wmode=7&page-url=http%3A%2F%2Fagatha-paris.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A11959%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1117010041549%3Ahid%3A368555852%3Az%3A0%3Ai%3A20220524071400%3Aet%3A1653376441%3Ac%3A1%3Arn%3A175280106%3Arqn%3A1%3Au%3A1653376441769423716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653376428111%3Ads%3A28%2C72%2C1460%2C1882%2C0%2C0%2C%2C8545%2C2%2C%2C%2C%2C11988%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653376441%3At%3AIsolation%20sous%20toiture%20garage&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1&C=1
Request Chain 39
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoyFuORHDxPGC9zIjnSefwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1
Request Chain 40
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOsKpNVfu8PLwdbUx5c7Q4Q&google_cver=1
Request Chain 41
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMwOTAyMzk3NDg1NTI4MTQ0OA%3D%3D
Request Chain 49
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLD8mGNCiE7rlAckLveuAO-5H_ndraoyL-rg2wOBGj_UrwY_nfDD3CNvzwNXN4rPLrOrTe_aX7Qgc3QyWmrKCKkwX5Tfw&google_gid=CAESEIlerP3sT7MIpIdGH0Sbhfo&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLiLspQGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBMRDhtR05DaUU3cmxBY2tMdmV1QU8tNUhfbmRyYW95TC1yZzJ3T0JHal9VcndZX25mREQzQ052endOWE40clBMck9yVGVfYVg3UWdjM1F5V21yS0NLa3dYNVRmdw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT2d0UTZTX0h3QXdaX2E0aDhFbllrUHdwaWstc3VCTGJxeXljTFZjTmo1cw==&google_push
Request Chain 50
  • https://rtb.openx.net/sync/dds?google_gid=CAESELFc8KrFFxJJ-088g93YUgY&google_cver=1&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESELFc8KrFFxJJ-088g93YUgY&google_cver=1&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg&google_hm=2cf7rky0ylAvALjYUbUBUg==
Request Chain 51
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHn4HYsCSqesUzEDw0g87WI&google_cver=1&google_push=AYg5qPKXUcNlVFiBDJfXVBEFhJHDsjLgSbihBr7XfD-pCcz7nUaj92DRX6Q5-xR9DIY8FLkNUiPendKB_wWbQi5ahsJZqqOqMC0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHn4HYsCSqesUzEDw0g87WI&google_cver=1&google_push=AYg5qPKXUcNlVFiBDJfXVBEFhJHDsjLgSbihBr7XfD-pCcz7nUaj92DRX6Q5-xR9DIY8FLkNUiPendKB_wWbQi5ahsJZqqOqMC0&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B4-DfGODQFeytb5UEYddzA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKXUcNlVFiBDJfXVBEFhJHDsjLgSbihBr7XfD-pCcz7nUaj92DRX6Q5-xR9DIY8FLkNUiPendKB_wWbQi5ahsJZqqOqMC0
Request Chain 52
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL7OG_JfijNUyHqZSkZYP-8&google_cver=1&google_push=AYg5qPL4H4HzvybO_7sx2ajMKW7vFGbGoYLUEtkmBUlbxpUVOq4esC3ifVYCj5eCGbT6S0hIedq7msCRSlaGyTzKYC0D7l6fxsU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKVE42UFctMUQtSVZGWA==&google_push=AYg5qPL4H4HzvybO_7sx2ajMKW7vFGbGoYLUEtkmBUlbxpUVOq4esC3ifVYCj5eCGbT6S0hIedq7msCRSlaGyTzKYC0D7l6fxsU
Request Chain 53
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_cver=1&google_push=AYg5qPKMHW9zpG1DNDB3KpcAcnaTMsz5SkmejBl6rKdRK24Vqq_TFIt-CAUkfhlJKwSz0RyCJFBbIAVGfuggry6CZmNifsMZpw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_push=AYg5qPKMHW9zpG1DNDB3KpcAcnaTMsz5SkmejBl6rKdRK24Vqq_TFIt-CAUkfhlJKwSz0RyCJFBbIAVGfuggry6CZmNifsMZpw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoyFubjJdMNmUhOymhmq8QAABIgAAAAB&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_push=AYg5qPKMHW9zpG1DNDB3KpcAcnaTMsz5SkmejBl6rKdRK24Vqq_TFIt-CAUkfhlJKwSz0RyCJFBbIAVGfuggry6CZmNifsMZpw&google_cver=1

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
agatha-paris.ru/ 		45 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 / PHP/7.1.33
Resource Hash
a3ab7d20d01d7749ba4c3ebcff1a6d78a002348e2d28587ff28df124d988be3f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 May 2022 07:13:49 GMT
Link
<http://agatha-paris.ru/wp-json/>; rel="https://api.w.org/"
Server
nginx/1.20.2
Transfer-Encoding
chunked
X-Hyper-Cache
stop - no cache header
X-Powered-By
PHP/7.1.33
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9212172011957154
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e347a337e3801f276e5fbf5de50cf81d49b0369b9444895b7670346f578c1855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://agatha-paris.ru/
Origin
http://agatha-paris.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56683
x-xss-protection
0
server
cafe
etag
13028044004825447377
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 May 2022 07:13:49 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 		312 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9212172011957154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f73491a07aed198c24b8c48e94d9cef40fdbc7abd6807a0e7992d38280d02c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113976
x-xss-protection
0
server
cafe
etag
8378775719584227694
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 May 2022 07:13:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame C3CE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9212172011957154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://agatha-paris.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
40525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 May 2022 19:58:24 GMT
etag
1428802124239944296
expires
Mon, 06 Jun 2022 19:58:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		219 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=agatha-paris.ru&callback=_gfp_s_&client=ca-pub-9212172011957154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0cebceac5a47072941655a04b3dbbf12866360c1c36e00c80d7d808185d54983
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=agatha-paris.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 May 2022 07:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=agatha-paris.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 May 2022 07:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D4D2 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9212172011957154&output=html&adk=1812271804&adf=3025194257&lmt=1653376430&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fagatha-paris.ru%2F&ea=0&pra=5&wgl=1&dt=1653376429862&bpp=2&bdt=189&idt=189&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://agatha-paris.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 May 2022 07:13:50 GMT
expires
Tue, 24 May 2022 07:13:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
agatha-paris.ru/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:50 GMT
Last-Modified
Tue, 10 May 2022 20:12:11 GMT
Server
nginx/1.20.2
ETag
"627ac71b-4705"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18181
style.min.css
agatha-paris.ru/wp-includes/css/dist/block-library/ 		81 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:50 GMT
Last-Modified
Tue, 10 May 2022 20:12:11 GMT
Server
nginx/1.20.2
ETag
"627ac71b-145db"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83419
default-style.css
agatha-paris.ru/wp-content/plugins/contextual-related-posts/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/plugins/contextual-related-posts/css/default-style.css?ver=5.9.3
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
47b2b704a2aac37bb4fdf7784f85c141acf9062b1212638650afa33bbbf28ad1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Mon, 26 Feb 2018 11:21:52 GMT
Server
nginx/1.20.2
ETag
"5a93edd0-589"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1417
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400i%2C700%2C700i%7CCrete+Round%3A400%2C400i&subset=latin%2Clatin-ext
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37274b8015b9a675b96d2d7305be083be7327e4a1ba7a1fc130adaf596524031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 May 2022 06:52:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 24 May 2022 07:13:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 May 2022 07:13:50 GMT
font-awesome.css
agatha-paris.ru/wp-content/themes/x-blog/assets/css/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/css/font-awesome.css?ver=4.7.0%20
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
e521c88b80de958c0dc19626569fa2b0dd20f00da067186301144b478b4d739c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-9730"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38704
slicknav.css
agatha-paris.ru/wp-content/themes/x-blog/assets/css/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/css/slicknav.css?ver=1
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
034c52a6b87610bee3c5d15af1458f0e493eac4296abcce822b5f69c3ae862f7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-db0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3504
style.css
agatha-paris.ru/wp-content/themes/x-blog/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/style.css?ver=5.9.3
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
24fc18f6a3d707e50e4a1299c39eacf4380e95a0005c838d71e7a6af7b582e1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-6cd9"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27865
custom_script.css
agatha-paris.ru/wp-content/themes/x-blog/assets/css/ 		31 B
266 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/css/custom_script.css?ver=5.9.3
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
df34f69348a9db46af7344f254487dc001ba755342bac153c309906ec82192bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-1f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31
modernizr.js
agatha-paris.ru/wp-content/themes/x-blog/assets/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/js/modernizr.js?ver=5.9.3
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
10de36cb7a7cecdfb10faad0f1ced1def2a4eee7d82b7e87b953a0eb041e1dd2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-176c"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5996
jquery.min.js
agatha-paris.ru/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Tue, 10 May 2022 20:12:11 GMT
Server
nginx/1.20.2
ETag
"627ac71b-15db1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
jquery-migrate.min.js
agatha-paris.ru/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Tue, 10 May 2022 20:12:11 GMT
Server
nginx/1.20.2
ETag
"627ac71b-2bd8"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3843552636836965
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
990df763411d149deb4ccf5fcaac6b826564ab085ad4a8e0909808379333efb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://agatha-paris.ru/
Origin
http://agatha-paris.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51579
x-xss-protection
0
server
cafe
etag
1623732034318906613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 May 2022 07:13:50 GMT
skip-link-focus-fix.js
agatha-paris.ru/wp-content/themes/x-blog/assets/js/ 		685 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-2ad"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
685
jquery.slicknav.js
agatha-paris.ru/wp-content/themes/x-blog/assets/js/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/js/jquery.slicknav.js?ver=20151215
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
cbe53415f0a681aa0dff918aa261056649122716050d6b925b37289987855b58

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:51 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-5250"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21072
main.js
agatha-paris.ru/wp-content/themes/x-blog/assets/js/ 		201 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/js/main.js?ver=20151215
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash
be037a4ef5970e9e7b7627cf0fff3d912ed313bc73be91d07878549fe30681a3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:13:52 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
ETag
"5abf71ee-c9"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400i%2C700%2C700i%7CCrete+Round%3A400%2C400i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://agatha-paris.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:28:07 GMT
x-content-type-options
nosniff
age
474353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:28:07 GMT
55xoey1sJNPjPiv1ZZZrxK170b0.woff2
fonts.gstatic.com/s/creteround/v14/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/creteround/v14/55xoey1sJNPjPiv1ZZZrxK170b0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400i%2C700%2C700i%7CCrete+Round%3A400%2C400i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6cf043c1df69a6d18b90ca67b0c71798eed5b3a9b949a942139a6e49e347285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://agatha-paris.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 23:53:25 GMT
x-content-type-options
nosniff
age
372035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11472
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:54:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 23:53:25 GMT
fontawesome-webfont.woff2
agatha-paris.ru/wp-content/themes/x-blog/assets/fonts/ 		60 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
http://agatha-paris.ru/wp-content/themes/x-blog/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/wp-content/themes/x-blog/assets/css/font-awesome.css?ver=4.7.0%20
Protocol
HTTP/1.1
Server
91.142.86.15 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
free.miran.ru
Software
nginx/1.20.2 /
Resource Hash

Request headers

Referer
http://agatha-paris.ru/wp-content/themes/x-blog/assets/css/font-awesome.css?ver=4.7.0%20
Origin
http://agatha-paris.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 07:14:00 GMT
Last-Modified
Sat, 31 Mar 2018 11:33:02 GMT
Server
nginx/1.20.2
Connection
keep-alive
Accept-Ranges
bytes
ETag
"12d68-568b3b8300c84"
Content-Length
77160
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=agatha-paris.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 May 2022 07:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=agatha-paris.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 May 2022 07:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C9B 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9212172011957154&plah=agatha-paris.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78852382900f049141022bd0a8a984208e4d24b2a78be8f3275a1bdcdc90194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://agatha-paris.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9882
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 May 2022 07:14:00 GMT
expires
Tue, 24 May 2022 07:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
watch.js
mc.yandex.ru/metrika/ 		139 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
3464d6c748ffa74b09788f0aafaeca82b9c21d8751a2cfc0f15a372b494b1a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:14:00 GMT
content-encoding
br
last-modified
Wed, 18 May 2022 10:11:23 GMT
etag
"62849c1b-c64c"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
50764
expires
Tue, 24 May 2022 08:14:00 GMT
1
mc.yandex.ru/watch/47832843/
Redirect Chain
  • https://mc.yandex.ru/watch/47832843?wmode=7&page-url=http%3A%2F%2Fagatha-paris.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A11959%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.ru/watch/47832843/1?wmode=7&page-url=http%3A%2F%2Fagatha-paris.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A11959%3Afu%3A0%3Aen%3Autf-8%3...
357 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/47832843/1?wmode=7&page-url=http%3A%2F%2Fagatha-paris.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A11959%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1117010041549%3Ahid%3A368555852%3Az%3A0%3Ai%3A20220524071400%3Aet%3A1653376441%3Ac%3A1%3Arn%3A175280106%3Arqn%3A1%3Au%3A1653376441769423716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653376428111%3Ads%3A28%2C72%2C1460%2C1882%2C0%2C0%2C%2C8545%2C2%2C%2C%2C%2C11988%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653376441%3At%3AIsolation%20sous%20toiture%20garage&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
2ed6f36b9dea935018c72722007ba29e7141396abf0e5761f11a7e2d64fc1a8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 24-May-2022 07:14:00 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://agatha-paris.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Tue, 24-May-2022 07:14:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
last-modified
Tue, 24-May-2022 07:14:00 GMT
location
/watch/47832843/1?wmode=7&page-url=http%3A%2F%2Fagatha-paris.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afp%3A11959%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1117010041549%3Ahid%3A368555852%3Az%3A0%3Ai%3A20220524071400%3Aet%3A1653376441%3Ac%3A1%3Arn%3A175280106%3Arqn%3A1%3Au%3A1653376441769423716%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1653376428111%3Ads%3A28%2C72%2C1460%2C1882%2C0%2C0%2C%2C8545%2C2%2C%2C%2C%2C11988%3Aco%3A0%3Arqnl%3A1%3Ast%3A1653376441%3At%3AIsolation%20sous%20toiture%20garage&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
http://agatha-paris.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 24-May-2022 07:14:00 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://agatha-paris.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:14:00 GMT
last-modified
Wed, 18 May 2022 10:11:23 GMT
etag
"62849c1b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 24 May 2022 08:14:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C9B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWMNru3jDkLoNBiXULu9jYZk92hJebLTHWQEtlMTiy-qRQCOoWZDhkwbO9C2Lj4Xqfd003c5STCUs-WCaScjhboL7aYTjaDdTmY7sMXDew3qr9UFA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6C9B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 07:12:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C9B 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653305577626270"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 24 May 2022 07:14:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 6C9B 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7211
x-xss-protection
0
server
cafe
etag
2988716039725867132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 07:02:49 GMT
l
www.google.com/ads/measurement/ Frame 6C9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQE6PV1DGXqb41_E0dbSv00k_Jy7g58mziEIp6kpFYIuTtTDbuZuAaF5ENYBVod9WaAG2WxDg0LtK0hTPo5K1N7-pH1og
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 07C8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGKOegsEBMAE&v=APEucNU0Qsot_bpX6aRBdIOXicU3KYHFgMTwSSr5ELta7CHSzugsm9UZ-hKmHL9j0Cd-FiakXwAgF-AWcGPWTNqDc2ze-YfGfCAVDNAzXAnNHbkeXlvuap_JVW7uRAazfKxTcEKMEaqWX2a6U-vOkaFhzgPiI_TcQyjJRQrkDsjLRVLowz47BkQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 May 2022 07:14:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6C9B 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_xE-wXskrYNFTZxRyqwNxqpvgWNGgq_woJI748RbUMEg-VV1V11tL87EVi06OTxfF4Gbn40tKbBvj5_Xy0WzW99XTJbC_eZh46mEND_WvKdrS8jtNP9O6FQ143T4EvIIYoNy3MkzDSCt2h0hz90PapvWWiw&dbm_d=AKAmf-BbTn6y_DlJdH3AcDSb2UMXSlHieAh4sWSnpHM-A7HyL2owii6ZkqHWtLGBRfpazj_Zjdg4r3btCysj01BDohsfxEiHLeeJpL3kb166ibPIZ7FrV40GBSl6QNH5tUGfyxru4sMbcbhkgEf0XVSuTmEPbEN3hGuiAErT3AvfxANDXvPxS2uW-NVj86OrJh6jpjKS11yIgAsrxmr4fepWcy4pgJWGiqL1-SM6yNH6_MUhSnw9IhmUSVSnYmVG9m6kL1oYI3sdEf20yK4ju3tIW7BT3y8LOTEcbjpVlAxDOW2IMkDV-EqAcGRdOkGEobcUBb8DVZRPExS3t-4ViwSCNq7WbcbVK8WxRelBnNFO8bDSgHmmfTlBieEEYPyyssTLUN12kaat_t_vG6bRoyM3IsxYEOwZk3FU056j4h0Ty7P_C9jwmtIsH9X2IWiW2Jq3ZMGRa1s60w4WxizUbJQN6vTObSv_L-97-gHTfcVOTxejylybbb-S1Zf2GKzy9nU-4-lYmMTFzawS7QFt5CTxDS_NGljZPhMatHtuq6V88mVphHUy7AxS73Jow5B6hr5yv5VouEdn_lEyVyACMW9siH1WbHzFOdJh_5J5XrlFcqnuk869ZqHFskDU8DShLn_JoCf5KfQOhncNDss8sM5jqX59SXtPYyuSCUunq609oZzT7sDmxtS-ML71BCbdJlV_GcJoNo4M3ZbAZ05IkG3vGpW-1YU4V6_npNJ_jihWAQrSVKj70s50Usosk7Kf5Zm88Vc-TGc3e_XvcD98MOuBCF0kVZ4g1RcYw84ET8vXS7IHRZa-8R8L-c8vHhNn7E-J5gqip3APrqsLt9AYLgsatU2Mz5hO0mK6tuDYuUAt-SkvawES7HMvvt5uHANSSj7eT_4oNr_X4bykefHTXCB-WldlwL7xkdPxCFpXfFY5F-7lCFi9RKub-YXxBTYtlvw9TzaatvVnKGsvmtLWDItyiHg9QM0l2jZMhSGUflOrZiRsEenv_REmfouL4lihbGUz-XXnDGDr6nxb5hEQIXGleQe6SR1QyeHg8XQ4vTuaaPtGO6wPq2UzrRoizpTOYf99b4IGjx82lrdL5pJOuqscWU8Y5uLNIZaHcjcxOn7TlzamsQqhb_HLaGQZILOyA15i9MLIVDbYI0BBf4JfpGg1hCvDfKuFSqR8G9bcZvowtVWFAMCxobOoYonMjr57NXiMyFBH708yrOR1nId2j12JY5jDozysEq5mG6GY7EaXw2iT2LOCeROa5nyA68_ubj1Ej2FBWEl8MwBKjm5Br1ZUByQO5Nx238h-A9YQUNwyflwmu8_zzQwLNkSjG4JdiY9SLmCsJrhivJZAMzXKIbfLCm6TK-CHyGR_e6O5OkFynUOtg36vV2pUYzEUsJsdVlFRhfde0sTgOnVIiI28wESgnmxeCaA05MnaaOyrxj4N5Lzodggs3-51-dahPOFyrt0v4yJog67Xa1Fm56iLC_x-Ga3trMYAMLcCQdhGvm_yz-pApghQiAdLFaLxNY2TeYMTg5jr1LX4YNsGYoFRTghK5L9ddB_bo4Bv5nlawJJufSh58tLZlcEmNPciDHNChVBeATDJd0aAQDLXmieyX0MMNatj6t9Q1RQqasU5tHIk7c_D7elWmC8DFU9yicnY2Oscij78-cfXY6LF5do-iswcNdBvSCUWWa5z830wDmoNJOxQ6x_ScKJQdtbKXWuHjCxtgdH9rCti-q2GI2HeGImo-6kA6Rnbjgy6jk7ea57qOFCN1ZHLXDONYNKVwMdgD2s39l4ZBk4qk0hFI9Yj2_JN0HBiwIAEVw84Adnj7PRfXOeCzwo_OMp0g2feQXKrYWW9W6_mItVpJIka30rrWisBKtMNk-h9GeXN25XhnNSj89X9z0Z0k7-TyT9B-fcqO939LPL2fZFeOV26TJ-9Bl1lzLfFOPHDHiITc7GeSrXWhnVmwPdG4bJFH6GC4PMgQGyqFKZquGdTeoDLSAGl5Rp6UCSPHPYtJHDVo5JlYPyRqZlwc3FeAPbrDhyBWAB71GORjNhyjaKH8U2hJ7lte37uiG4ACiNcQAm6p_dvCcCWCuOTd1m2w0evAinUigDhFIGnyHnrlHpu5UjeBnmvxqtNx55ZVsgQyAPnait5C3yltydxCVxX5J_8VpuQG4Lq0nkL59048innBThkvAIlhV1xZYjRuYmSi0YEsKz2ILER5lDiAM9OtFPoaRi0qKWZ3kFQXccMmvR4YtwmyyQ4hERkvDplhUXaPFztHODcIhm-bM9n2P7MRTkEm6QNPbzGaVAAadTv-Gat5tUqSqDuVCXP42F3oGZcHBlcp1PJjLawHEFDY7MXKPyV-ddH-PTMRjSJbfCgMqEPRzCcS2tRMHW17clmHU1M4VWmNLzzVebdcHImSpXpFYmDzC7SmO7XevlCTmS6F2lFEiygmYxJMzvwCDHwR3uX29GcIvS1gvAfSEui4YeJO2CLHUsLWSaZKe5el5B4BgBom4faSoU6wr1WuWSXw2B9I8KUMjitWEuz4n6VbkQ3P-TyUBF772BJy77TfeNsgK8BmY96z8qOtWwoz63Hzm4g68zxqGfMB7awgnNxbCZjaKWjb6QSAwpEA9oXgkrmegBiDTTo4VGQVqtUyvzc6QZAjzj27FmnRjOxt3yHhoOfXJtE56ukWlUCHVFyJ5II7RT_5c0-NVxo-zSj06LzoEx8ULbj89H2c-5XsBihMKot_g6Al50TpRMKuyKkhC0xGwhCuJCxE2EivkGwBXRuzfwHJvLbi-DMfvr-Jcyqqe3HFIJZ-OtMDMVmzPqJ30CYeJrzQlamLd9BAzeb6X4nOrJkRJ-MfNzdFSTxkkWvcHOfQuiGlTLAhyVX9ZwaE6R8Frv7-s0UOXiFFRJhXaAeSwpyw6F84jai7DU96ireqQlAHDt7U-SEhZh7v_vdjklHw1KESEtKu6kcTd33Ky--mEVMPOjJofUm8tfAnvaeevItGnYLIZFo3Fo9qKx7IkMVQAd1g9kMh9OkrPbCO_D6tClme6gSP26J-BD26jxY5TLlaQ0yRGtKbtcy9xch2PlQjobrPRzwgillT8lj7GfNRep9dxgM328vs8GHF3I7uHSIAiETzDkatUmm2l73gGdTS2gXsJ51v-WOpRvi6EZHBmz-nnUG9ks42YSXp0pjuaPsxXZimPmRoeFncddnmDR16PYk&cid=CAASJeRouFfJ33OoAVT0Qe_gJnZYIsMTwMaZ2r2GAVH97gyx7U8eGa0&rfl=1%2Chttp%253A%252F%252Fagatha-paris.ru%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88f771638ccf139cb939e8dcee4fe865abc975cea143da662800b58174768b4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33429
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 07C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGKOegsEBMAE&v=APEucNU0Qsot_bpX6aRBdIOXicU3KYHFgMTwSSr5ELta7CHSzugsm9UZ-hKmHL9j0Cd-FiakXwAgF-AWcGPWTNqDc2ze-YfGfCAVDNAzXAnNHbkeXlvuap_JVW7uRAazfKxTcEKMEaqWX2a6U-vOkaFhzgPiI_TcQyjJRQrkDsjLRVLowz47BkQ
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 May 2022 07:14:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 May 2022 07:14:01 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 May 2022 07:14:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 24 May 2022 07:14:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 07C8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoyFuORHDxPGC9zIjnSefwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGKOegsEBMAE&v=APEucNU0Qsot_bpX6aRBdIOXicU3KYHFgMTwSSr5ELta7CHSzugsm9UZ-hKmHL9j0Cd-FiakXwAgF-AWcGPWTNqDc2ze-YfGfCAVDNAzXAnNHbkeXlvuap_JVW7uRAazfKxTcEKMEaqWX2a6U-vOkaFhzgPiI_TcQyjJRQrkDsjLRVLowz47BkQ
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 May 2022 07:14:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 24 May 2022 07:14:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVZ_LmlVwgdsd650X1llN4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 07C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOsKpNVfu8PLwdbUx5c7Q4Q&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsKpNVfu8PLwdbUx5c7Q4Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGKOegsEBMAE&v=APEucNU0Qsot_bpX6aRBdIOXicU3KYHFgMTwSSr5ELta7CHSzugsm9UZ-hKmHL9j0Cd-FiakXwAgF-AWcGPWTNqDc2ze-YfGfCAVDNAzXAnNHbkeXlvuap_JVW7uRAazfKxTcEKMEaqWX2a6U-vOkaFhzgPiI_TcQyjJRQrkDsjLRVLowz47BkQ
Protocol
HTTP/1.1
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 May 2022 07:14:00 GMT
X-Proxy-Origin
92.222.212.18; 92.222.212.18; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
65caf373-a0b3-4c48-8ba7-0f0459b57d9b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsKpNVfu8PLwdbUx5c7Q4Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 07C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMwOTAyMzk3NDg1NTI4MTQ0OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMwOTAyMzk3NDg1NTI4MTQ0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCs8_wBGKOegsEBMAE&v=APEucNU0Qsot_bpX6aRBdIOXicU3KYHFgMTwSSr5ELta7CHSzugsm9UZ-hKmHL9j0Cd-FiakXwAgF-AWcGPWTNqDc2ze-YfGfCAVDNAzXAnNHbkeXlvuap_JVW7uRAazfKxTcEKMEaqWX2a6U-vOkaFhzgPiI_TcQyjJRQrkDsjLRVLowz47BkQ
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 May 2022 07:14:00 GMT
X-Proxy-Origin
92.222.212.18; 92.222.212.18; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c69e909a-c431-46f1-aee5-ea876a3dac8c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMwOTAyMzk3NDg1NTI4MTQ0OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6C9B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 13:38:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 May 2022 13:38:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 6C9B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_xE-wXskrYNFTZxRyqwNxqpvgWNGgq_woJI748RbUMEg-VV1V11tL87EVi06OTxfF4Gbn40tKbBvj5_Xy0WzW99XTJbC_eZh46mEND_WvKdrS8jtNP9O6FQ143T4EvIIYoNy3MkzDSCt2h0hz90PapvWWiw&dbm_d=AKAmf-BbTn6y_DlJdH3AcDSb2UMXSlHieAh4sWSnpHM-A7HyL2owii6ZkqHWtLGBRfpazj_Zjdg4r3btCysj01BDohsfxEiHLeeJpL3kb166ibPIZ7FrV40GBSl6QNH5tUGfyxru4sMbcbhkgEf0XVSuTmEPbEN3hGuiAErT3AvfxANDXvPxS2uW-NVj86OrJh6jpjKS11yIgAsrxmr4fepWcy4pgJWGiqL1-SM6yNH6_MUhSnw9IhmUSVSnYmVG9m6kL1oYI3sdEf20yK4ju3tIW7BT3y8LOTEcbjpVlAxDOW2IMkDV-EqAcGRdOkGEobcUBb8DVZRPExS3t-4ViwSCNq7WbcbVK8WxRelBnNFO8bDSgHmmfTlBieEEYPyyssTLUN12kaat_t_vG6bRoyM3IsxYEOwZk3FU056j4h0Ty7P_C9jwmtIsH9X2IWiW2Jq3ZMGRa1s60w4WxizUbJQN6vTObSv_L-97-gHTfcVOTxejylybbb-S1Zf2GKzy9nU-4-lYmMTFzawS7QFt5CTxDS_NGljZPhMatHtuq6V88mVphHUy7AxS73Jow5B6hr5yv5VouEdn_lEyVyACMW9siH1WbHzFOdJh_5J5XrlFcqnuk869ZqHFskDU8DShLn_JoCf5KfQOhncNDss8sM5jqX59SXtPYyuSCUunq609oZzT7sDmxtS-ML71BCbdJlV_GcJoNo4M3ZbAZ05IkG3vGpW-1YU4V6_npNJ_jihWAQrSVKj70s50Usosk7Kf5Zm88Vc-TGc3e_XvcD98MOuBCF0kVZ4g1RcYw84ET8vXS7IHRZa-8R8L-c8vHhNn7E-J5gqip3APrqsLt9AYLgsatU2Mz5hO0mK6tuDYuUAt-SkvawES7HMvvt5uHANSSj7eT_4oNr_X4bykefHTXCB-WldlwL7xkdPxCFpXfFY5F-7lCFi9RKub-YXxBTYtlvw9TzaatvVnKGsvmtLWDItyiHg9QM0l2jZMhSGUflOrZiRsEenv_REmfouL4lihbGUz-XXnDGDr6nxb5hEQIXGleQe6SR1QyeHg8XQ4vTuaaPtGO6wPq2UzrRoizpTOYf99b4IGjx82lrdL5pJOuqscWU8Y5uLNIZaHcjcxOn7TlzamsQqhb_HLaGQZILOyA15i9MLIVDbYI0BBf4JfpGg1hCvDfKuFSqR8G9bcZvowtVWFAMCxobOoYonMjr57NXiMyFBH708yrOR1nId2j12JY5jDozysEq5mG6GY7EaXw2iT2LOCeROa5nyA68_ubj1Ej2FBWEl8MwBKjm5Br1ZUByQO5Nx238h-A9YQUNwyflwmu8_zzQwLNkSjG4JdiY9SLmCsJrhivJZAMzXKIbfLCm6TK-CHyGR_e6O5OkFynUOtg36vV2pUYzEUsJsdVlFRhfde0sTgOnVIiI28wESgnmxeCaA05MnaaOyrxj4N5Lzodggs3-51-dahPOFyrt0v4yJog67Xa1Fm56iLC_x-Ga3trMYAMLcCQdhGvm_yz-pApghQiAdLFaLxNY2TeYMTg5jr1LX4YNsGYoFRTghK5L9ddB_bo4Bv5nlawJJufSh58tLZlcEmNPciDHNChVBeATDJd0aAQDLXmieyX0MMNatj6t9Q1RQqasU5tHIk7c_D7elWmC8DFU9yicnY2Oscij78-cfXY6LF5do-iswcNdBvSCUWWa5z830wDmoNJOxQ6x_ScKJQdtbKXWuHjCxtgdH9rCti-q2GI2HeGImo-6kA6Rnbjgy6jk7ea57qOFCN1ZHLXDONYNKVwMdgD2s39l4ZBk4qk0hFI9Yj2_JN0HBiwIAEVw84Adnj7PRfXOeCzwo_OMp0g2feQXKrYWW9W6_mItVpJIka30rrWisBKtMNk-h9GeXN25XhnNSj89X9z0Z0k7-TyT9B-fcqO939LPL2fZFeOV26TJ-9Bl1lzLfFOPHDHiITc7GeSrXWhnVmwPdG4bJFH6GC4PMgQGyqFKZquGdTeoDLSAGl5Rp6UCSPHPYtJHDVo5JlYPyRqZlwc3FeAPbrDhyBWAB71GORjNhyjaKH8U2hJ7lte37uiG4ACiNcQAm6p_dvCcCWCuOTd1m2w0evAinUigDhFIGnyHnrlHpu5UjeBnmvxqtNx55ZVsgQyAPnait5C3yltydxCVxX5J_8VpuQG4Lq0nkL59048innBThkvAIlhV1xZYjRuYmSi0YEsKz2ILER5lDiAM9OtFPoaRi0qKWZ3kFQXccMmvR4YtwmyyQ4hERkvDplhUXaPFztHODcIhm-bM9n2P7MRTkEm6QNPbzGaVAAadTv-Gat5tUqSqDuVCXP42F3oGZcHBlcp1PJjLawHEFDY7MXKPyV-ddH-PTMRjSJbfCgMqEPRzCcS2tRMHW17clmHU1M4VWmNLzzVebdcHImSpXpFYmDzC7SmO7XevlCTmS6F2lFEiygmYxJMzvwCDHwR3uX29GcIvS1gvAfSEui4YeJO2CLHUsLWSaZKe5el5B4BgBom4faSoU6wr1WuWSXw2B9I8KUMjitWEuz4n6VbkQ3P-TyUBF772BJy77TfeNsgK8BmY96z8qOtWwoz63Hzm4g68zxqGfMB7awgnNxbCZjaKWjb6QSAwpEA9oXgkrmegBiDTTo4VGQVqtUyvzc6QZAjzj27FmnRjOxt3yHhoOfXJtE56ukWlUCHVFyJ5II7RT_5c0-NVxo-zSj06LzoEx8ULbj89H2c-5XsBihMKot_g6Al50TpRMKuyKkhC0xGwhCuJCxE2EivkGwBXRuzfwHJvLbi-DMfvr-Jcyqqe3HFIJZ-OtMDMVmzPqJ30CYeJrzQlamLd9BAzeb6X4nOrJkRJ-MfNzdFSTxkkWvcHOfQuiGlTLAhyVX9ZwaE6R8Frv7-s0UOXiFFRJhXaAeSwpyw6F84jai7DU96ireqQlAHDt7U-SEhZh7v_vdjklHw1KESEtKu6kcTd33Ky--mEVMPOjJofUm8tfAnvaeevItGnYLIZFo3Fo9qKx7IkMVQAd1g9kMh9OkrPbCO_D6tClme6gSP26J-BD26jxY5TLlaQ0yRGtKbtcy9xch2PlQjobrPRzwgillT8lj7GfNRep9dxgM328vs8GHF3I7uHSIAiETzDkatUmm2l73gGdTS2gXsJ51v-WOpRvi6EZHBmz-nnUG9ks42YSXp0pjuaPsxXZimPmRoeFncddnmDR16PYk&cid=CAASJeRouFfJ33OoAVT0Qe_gJnZYIsMTwMaZ2r2GAVH97gyx7U8eGa0&rfl=1%2Chttp%253A%252F%252Fagatha-paris.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 07:07:17 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 6C9B 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_xE-wXskrYNFTZxRyqwNxqpvgWNGgq_woJI748RbUMEg-VV1V11tL87EVi06OTxfF4Gbn40tKbBvj5_Xy0WzW99XTJbC_eZh46mEND_WvKdrS8jtNP9O6FQ143T4EvIIYoNy3MkzDSCt2h0hz90PapvWWiw&dbm_d=AKAmf-BbTn6y_DlJdH3AcDSb2UMXSlHieAh4sWSnpHM-A7HyL2owii6ZkqHWtLGBRfpazj_Zjdg4r3btCysj01BDohsfxEiHLeeJpL3kb166ibPIZ7FrV40GBSl6QNH5tUGfyxru4sMbcbhkgEf0XVSuTmEPbEN3hGuiAErT3AvfxANDXvPxS2uW-NVj86OrJh6jpjKS11yIgAsrxmr4fepWcy4pgJWGiqL1-SM6yNH6_MUhSnw9IhmUSVSnYmVG9m6kL1oYI3sdEf20yK4ju3tIW7BT3y8LOTEcbjpVlAxDOW2IMkDV-EqAcGRdOkGEobcUBb8DVZRPExS3t-4ViwSCNq7WbcbVK8WxRelBnNFO8bDSgHmmfTlBieEEYPyyssTLUN12kaat_t_vG6bRoyM3IsxYEOwZk3FU056j4h0Ty7P_C9jwmtIsH9X2IWiW2Jq3ZMGRa1s60w4WxizUbJQN6vTObSv_L-97-gHTfcVOTxejylybbb-S1Zf2GKzy9nU-4-lYmMTFzawS7QFt5CTxDS_NGljZPhMatHtuq6V88mVphHUy7AxS73Jow5B6hr5yv5VouEdn_lEyVyACMW9siH1WbHzFOdJh_5J5XrlFcqnuk869ZqHFskDU8DShLn_JoCf5KfQOhncNDss8sM5jqX59SXtPYyuSCUunq609oZzT7sDmxtS-ML71BCbdJlV_GcJoNo4M3ZbAZ05IkG3vGpW-1YU4V6_npNJ_jihWAQrSVKj70s50Usosk7Kf5Zm88Vc-TGc3e_XvcD98MOuBCF0kVZ4g1RcYw84ET8vXS7IHRZa-8R8L-c8vHhNn7E-J5gqip3APrqsLt9AYLgsatU2Mz5hO0mK6tuDYuUAt-SkvawES7HMvvt5uHANSSj7eT_4oNr_X4bykefHTXCB-WldlwL7xkdPxCFpXfFY5F-7lCFi9RKub-YXxBTYtlvw9TzaatvVnKGsvmtLWDItyiHg9QM0l2jZMhSGUflOrZiRsEenv_REmfouL4lihbGUz-XXnDGDr6nxb5hEQIXGleQe6SR1QyeHg8XQ4vTuaaPtGO6wPq2UzrRoizpTOYf99b4IGjx82lrdL5pJOuqscWU8Y5uLNIZaHcjcxOn7TlzamsQqhb_HLaGQZILOyA15i9MLIVDbYI0BBf4JfpGg1hCvDfKuFSqR8G9bcZvowtVWFAMCxobOoYonMjr57NXiMyFBH708yrOR1nId2j12JY5jDozysEq5mG6GY7EaXw2iT2LOCeROa5nyA68_ubj1Ej2FBWEl8MwBKjm5Br1ZUByQO5Nx238h-A9YQUNwyflwmu8_zzQwLNkSjG4JdiY9SLmCsJrhivJZAMzXKIbfLCm6TK-CHyGR_e6O5OkFynUOtg36vV2pUYzEUsJsdVlFRhfde0sTgOnVIiI28wESgnmxeCaA05MnaaOyrxj4N5Lzodggs3-51-dahPOFyrt0v4yJog67Xa1Fm56iLC_x-Ga3trMYAMLcCQdhGvm_yz-pApghQiAdLFaLxNY2TeYMTg5jr1LX4YNsGYoFRTghK5L9ddB_bo4Bv5nlawJJufSh58tLZlcEmNPciDHNChVBeATDJd0aAQDLXmieyX0MMNatj6t9Q1RQqasU5tHIk7c_D7elWmC8DFU9yicnY2Oscij78-cfXY6LF5do-iswcNdBvSCUWWa5z830wDmoNJOxQ6x_ScKJQdtbKXWuHjCxtgdH9rCti-q2GI2HeGImo-6kA6Rnbjgy6jk7ea57qOFCN1ZHLXDONYNKVwMdgD2s39l4ZBk4qk0hFI9Yj2_JN0HBiwIAEVw84Adnj7PRfXOeCzwo_OMp0g2feQXKrYWW9W6_mItVpJIka30rrWisBKtMNk-h9GeXN25XhnNSj89X9z0Z0k7-TyT9B-fcqO939LPL2fZFeOV26TJ-9Bl1lzLfFOPHDHiITc7GeSrXWhnVmwPdG4bJFH6GC4PMgQGyqFKZquGdTeoDLSAGl5Rp6UCSPHPYtJHDVo5JlYPyRqZlwc3FeAPbrDhyBWAB71GORjNhyjaKH8U2hJ7lte37uiG4ACiNcQAm6p_dvCcCWCuOTd1m2w0evAinUigDhFIGnyHnrlHpu5UjeBnmvxqtNx55ZVsgQyAPnait5C3yltydxCVxX5J_8VpuQG4Lq0nkL59048innBThkvAIlhV1xZYjRuYmSi0YEsKz2ILER5lDiAM9OtFPoaRi0qKWZ3kFQXccMmvR4YtwmyyQ4hERkvDplhUXaPFztHODcIhm-bM9n2P7MRTkEm6QNPbzGaVAAadTv-Gat5tUqSqDuVCXP42F3oGZcHBlcp1PJjLawHEFDY7MXKPyV-ddH-PTMRjSJbfCgMqEPRzCcS2tRMHW17clmHU1M4VWmNLzzVebdcHImSpXpFYmDzC7SmO7XevlCTmS6F2lFEiygmYxJMzvwCDHwR3uX29GcIvS1gvAfSEui4YeJO2CLHUsLWSaZKe5el5B4BgBom4faSoU6wr1WuWSXw2B9I8KUMjitWEuz4n6VbkQ3P-TyUBF772BJy77TfeNsgK8BmY96z8qOtWwoz63Hzm4g68zxqGfMB7awgnNxbCZjaKWjb6QSAwpEA9oXgkrmegBiDTTo4VGQVqtUyvzc6QZAjzj27FmnRjOxt3yHhoOfXJtE56ukWlUCHVFyJ5II7RT_5c0-NVxo-zSj06LzoEx8ULbj89H2c-5XsBihMKot_g6Al50TpRMKuyKkhC0xGwhCuJCxE2EivkGwBXRuzfwHJvLbi-DMfvr-Jcyqqe3HFIJZ-OtMDMVmzPqJ30CYeJrzQlamLd9BAzeb6X4nOrJkRJ-MfNzdFSTxkkWvcHOfQuiGlTLAhyVX9ZwaE6R8Frv7-s0UOXiFFRJhXaAeSwpyw6F84jai7DU96ireqQlAHDt7U-SEhZh7v_vdjklHw1KESEtKu6kcTd33Ky--mEVMPOjJofUm8tfAnvaeevItGnYLIZFo3Fo9qKx7IkMVQAd1g9kMh9OkrPbCO_D6tClme6gSP26J-BD26jxY5TLlaQ0yRGtKbtcy9xch2PlQjobrPRzwgillT8lj7GfNRep9dxgM328vs8GHF3I7uHSIAiETzDkatUmm2l73gGdTS2gXsJ51v-WOpRvi6EZHBmz-nnUG9ks42YSXp0pjuaPsxXZimPmRoeFncddnmDR16PYk&cid=CAASJeRouFfJ33OoAVT0Qe_gJnZYIsMTwMaZ2r2GAVH97gyx7U8eGa0&rfl=1%2Chttp%253A%252F%252Fagatha-paris.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10463
x-xss-protection
0
server
cafe
etag
17671883673189222985
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 07:13:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6C9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 11:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 11:18:14 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A628 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
64068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 24 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6C9B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dac1281326b0138e3229d76a1e309f4db4edb70fe6dc27cd98f20a3597edb06f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame A628 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA9HUIOLzw-TYe4SoJnGsec&google_cver=1&google_push=AYg5qPJCVx3-5LogpmqkzpNDtYFLDA_Er_OLZLDBnU4aGk78DL789ntwk0LEMrRhw6cof3jOHX9xgc14mE2aedAiE2J4WvnqLlI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A628
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLD8mGNCiE7rlAckLveuAO-5H_ndraoyL-rg2wOBGj_UrwY_nfDD3CNvzwNXN4rPLrOrTe_aX7Qgc3QyWmrKCKkwX5Tfw&google_gid=CAESEIlerP3sT7MIpIdGH0Sbhfo&googl...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLiLspQGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBMRDhtR05DaUU3cmxBY2tMdmV1QU8tNUhfbmRyYW95TC1yZzJ3T0JHal9VcndZX25mREQzQ052endOWE40clBMck9yVGVfYVg3UWdjM1F5V2...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT2d0UTZTX0h3QXdaX2E0aDhFbllrUHdwaWstc3VCTGJxeXljTFZjTmo1cw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT2d0UTZTX0h3QXdaX2E0aDhFbllrUHdwaWstc3VCTGJxeXljTFZjTmo1cw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 24 May 2022 07:14:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwT2d0UTZTX0h3QXdaX2E0aDhFbllrUHdwaWstc3VCTGJxeXljTFZjTmo1cw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A628
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESELFc8KrFFxJJ-088g93YUgY&google_cver=1&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg
  • https://rtb.openx.net/sync/dds?google_gid=CAESELFc8KrFFxJJ-088g93YUgY&google_cver=1&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg&google_hm=2cf7rky0ylAvALjYUbUBUg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg&google_hm=2cf7rky0ylAvALjYUbUBUg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:00 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLSD2guKqxNVohAmhJmnlMqDyPUeWLMQNHzSO8IcymBqt7mmCz_4Hk67FM64n18aX-aVtvQ50CN_rUk0pW-xfX88teZuQg&google_hm=2cf7rky0ylAvALjYUbUBUg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
7lmlehtctkm9bc88pr5iejl7bqtevqgh
pixel
cm.g.doubleclick.net/ Frame A628
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B4-DfGODQFeytb5UEYddzA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B4-DfGODQFeytb5UEYddzA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKXUcNlVFiBDJfXVBEFhJHDsjLgSbihBr7XfD-pCcz7nUaj92DRX6Q5-xR9DIY8FLkNUiPendKB_wWbQi5ahsJZqqOqMC0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B4-DfGODQFeytb5UEYddzA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKXUcNlVFiBDJfXVBEFhJHDsjLgSbihBr7XfD-pCcz7nUaj92DRX6Q5-xR9DIY8FLkNUiPendKB_wWbQi5ahsJZqqOqMC0
date
Tue, 24 May 2022 07:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A628
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL7OG_JfijNUyHqZSkZYP-8&google_cver=1&google_push=AYg5qPL4H4HzvybO_7sx2ajMKW7vFGbGoYLUEtkmBUlbxpUVOq4esC3ifVYCj5eCGbT6S0hIedq...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKVE42UFctMUQtSVZGWA==&google_push=AYg5qPL4H4HzvybO_7sx2ajMKW7vFGbGoYLUEtkmBUlbxpUVOq4esC3ifVYCj5eCGbT6S0hIedq7msCRSlaGyTzKYC0D7l6fxsU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKVE42UFctMUQtSVZGWA==&google_push=AYg5qPL4H4HzvybO_7sx2ajMKW7vFGbGoYLUEtkmBUlbxpUVOq4esC3ifVYCj5eCGbT6S0hIedq7msCRSlaGyTzKYC0D7l6fxsU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKVE42UFctMUQtSVZGWA==&google_push=AYg5qPL4H4HzvybO_7sx2ajMKW7vFGbGoYLUEtkmBUlbxpUVOq4esC3ifVYCj5eCGbT6S0hIedq7msCRSlaGyTzKYC0D7l6fxsU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame A628
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoyFubjJdMNmUhOymhmq8QAABIgAAAAB&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_push=AYg5qPKMHW9zpG1DNDB3KpcAcnaTMsz5SkmejBl6rKdRK24Vqq_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoyFubjJdMNmUhOymhmq8QAABIgAAAAB&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_push=AYg5qPKMHW9zpG1DNDB3KpcAcnaTMsz5SkmejBl6rKdRK24Vqq_TFIt-CAUkfhlJKwSz0RyCJFBbIAVGfuggry6CZmNifsMZpw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 May 2022 07:14:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoyFubjJdMNmUhOymhmq8QAABIgAAAAB&google_gid=CAESEN-2yx3_cGJ_YW4_ZTR7UQg&google_push=AYg5qPKMHW9zpG1DNDB3KpcAcnaTMsz5SkmejBl6rKdRK24Vqq_TFIt-CAUkfhlJKwSz0RyCJFBbIAVGfuggry6CZmNifsMZpw&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
458
Expires
Tue, 24 May 2022 07:14:01 GMT
googleredir
googlecm.hit.gemius.pl/ Frame A628 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame A628 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIF5riqcXoj2WwkzSiWt7TxAaui3H3x7LTuC0hfoktXvA_LeNhWIJGBDGe_T7oWixNJV4yEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 07:14:00 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EDB0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
70347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 May 2022 11:41:33 GMT
expires
Tue, 23 May 2023 11:41:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4637776964287065191/ Frame 9E98 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5930f4294aab3f4b35b54f89e95e3f4b3fdbd78775f1c708ec3c55b8b98e1815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
90595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5071
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 23 May 2022 06:04:06 GMT
expires
Tue, 23 May 2023 06:04:06 GMT
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6C9B 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXjnbnBICndq9rrDPk-cxMQiDsR4rH3rS5mQOxRqlQr_gmPpLZYJD6S2S5jvdUYJfphHR8eByD3FplDa7TpDsvIw-kGsr62gdDIxskhPYL--Ywee4cgF3b-cirOUZQoZRkucS2f-4XL71grVhHNWTF_pUvSU-njndkdSUTtUKNT4JCncbALrkLlkEvJ5xUgQXM8n86dKEfthKOEVMCLbZ3BoBWrWwc1SzmY0tWCrSbhSycyPxCLszWRV3zoXxjqwj1SbqGLJ6H9b04R5dxn74EdZgYu4C9zpo_XvLSy_HtZKlvt_ccSHM3e6AwiDlqXjpq0Hkl5HwBn1yDRBY2kCUGWf-xlg5E99GvLIlK_dlyDMZLimBgVTwajgtltVpHZ2xCiwiIWw1ePorxFN2ZOQnVxTllXsXGwZ6-Z2HoMHZ63UYUSExn8fqT7aLQXxCURZflzTOaFu5lgWdCz0LvQdmnbaPvmWDuqDUNreYkTkXclDu0sl_1VVoWYlfR6UaBQ_OsVEhPfXoROant3PwOGVxmoOgGS39c1khy9Rgd-u2SEAHMqM-kVIolRlhxcOweK8N5zqlOuynpfE4p16FwK8suS4LtGPLk3-ZT9_n58oiirq9E1_Z99YIjrrKYGcSjpqcL18W0chq0a4ebDnPX5LSRrHiUy5T8btH6VST145jq496Q5XLtC-7g4q9XOAxaHEJNBK9cokHP7jOWVHACtHOdf-iP9GZfFjVmERPvlLlheWKqf97hkRRJYkzbEYMB0iRIWL_cQoVBU5AJQkMwBfFwjW4lIzidkgwOn2jHAWlGi2ka-jX44RjOgajAg0R6BIq7weuc0HaqUwRpLWb-znTDiM_3SkWNzztqPwgc8SNSjZYyLIWLLw0X6LBgFB9_QkUGtnV9UCgr9AxeGUbqKE4Vuu1V5m-7ZG8p3ogD4TJbd3hErTSraRKiiA6UeDtO3TJaDBF2lZKsR8IttFTTjS4Fk5V1anuiNMdxOBXL2gjVzCkAOJWlaxvd9VPfgV6iR4KHZwglqhKdMZU6SREyg5zs5zp3POpqjCRBp_PD8qQE2QnmsjUFfNhSyRzuX_F3DabZend9OhRFnX5Mt_bhdbvT8bLhnJWH22ATwF79x3g8of19lJ9aJZ1KXkn4rTENIDigJMld_bEZiydRqaoI2LYjsYrf2wAV6K56u9-EC4p5fLYpIawlQQaHrkA-sioBYqxMXPR3wXtPMzmF72yAN9bVIUPRLEC-1KDZBMM5QUEFEyxoGnLr_ZTs25vqUrjDGUxhWJS2mQ&sai=AMfl-YRypcI4Tw89MDwWscrxkCHj8BPtV_30sdT8neeiuhVR_Blm4_LdoB8oIEUyY_WFCycIZBOX7beCY3sGO2FL6B14q67qDPqO7f98dcolFGAr-Dd20mLexSgZE5CewcSK6XDY85I-bDMr2kGg4A1O5Nc9_wfUkDMqiQ_FbiyLLzuoiOqh2VwQaJ6zibM6JmmP2GO4YAgnpn9ODevrPPQcdutHT-Efs6sHv-ujipnih3kYvAwE&sig=Cg0ArKJSzAbUrlj3ZKSvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=144&cbvp=1&cstd=142&cisv=r20220518.87346&adurl=
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 24 May 2022 07:14:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame EDB0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 13:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
238058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 May 2023 13:06:22 GMT
styles.min.css
s0.2mdn.net/sadbundle/4637776964287065191/ Frame 9E98 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/styles.min.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2e55474074fbf6ab576906fb6ebe49297f02c40de05fc8b297624461e97ac1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1242
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:06 GMT
txt.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		890 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aefdcf55208fe22623f31339885cab179dfcfea495423e4b394ea41da3eb0fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:06 GMT
x-content-type-options
nosniff
age
90595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
890
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:06 GMT
txt1.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4e09cffc281f913fa4e0040a6141ce36347bc6ca4cbe093a00e1be562f0583a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1130
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
txt2.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffaf2df0e7f7a17b9febfca331892c2b34635011b9f0c382b0f9c725000eaafc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
txt3.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		643 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c94d94ea5d85c1b8ecda0d8b7831e579774905833078a90ac75747b956175665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
txt4.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		823 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d068e3bba9d98be18778ae41253d68ebab01e8528dad379fd05009a05b1c757b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
823
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
txt5.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		988 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d67863c3fd64fb3a547da63bd0b255b6a9be15ec1df61ec40daf39672b470c84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
988
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
txt6.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4874056f0d1f27a92be9ad8009a3527e341bd9a38159d9d560f3dd576906a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
reunion.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/reunion.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84654d2d2ed1a54feaeb8a508455d751e18bc5432e106a55402fb1730d08a5c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4930
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
txt7.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e71070868326b43ad51e79a87718aaa49053805a6eee311553934b73323dbdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1253
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
picto_4G.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		607 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/picto_4G.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9036d3f4ce856350ca16309b043178339706ccc15ec88c142888b8367de35ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
607
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
airbox.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/airbox.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83931a7c835c428ba6e2386215bfb43534184eab734a3be64441ced73773543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5841
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
Footer.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/Footer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ff9b8e600f926870de9930319571956f12f92bc3ecafa345907b0487ed93ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1047
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
txt8.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt8.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3faf3fe4c2878c73880726cb5fd9403d399c61749287b951ec9f46c1a876f288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1225
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
txt9.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/txt9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57a568dd38faab6f8c28650ccd35b84a08cc25ab46533a618890e1d99b0c6c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1786
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
check.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		256 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/check.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9db93b0c77da6ae5a857679304b1dfc1368e475452a3359074e2170362b31c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
check1.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		260 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/check1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e3f48fa5eb51b5d932e0e5c2c1cfe293246aee79fccce615a7553235ba07ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
arg.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/arg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2e5abcf1592a72bddd007525b1f9b62679a5d5ecb7eb3af50f72e68a924fa0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
arg1.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/arg1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cdc49e404d1bb73e1c5247595f3982fc3150e5b1a5ba594b79623e1f7fcec45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1009
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
airbox2.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/airbox2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
086281139da41fa7b41a94541bbe955dd1f804766a70f6cd940680b8d6779c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:07 GMT
x-content-type-options
nosniff
age
90594
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3079
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:07 GMT
bulle.png
s0.2mdn.net/sadbundle/4637776964287065191/img/ Frame 9E98 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/img/bulle.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794d41edc7ab949a6f34fe8df45a407ca22cd6901d0c5a56fd5c8d862cc1cf26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:13:09 GMT
x-content-type-options
nosniff
age
90052
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1768
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:13:09 GMT
scripts.min.js
s0.2mdn.net/sadbundle/4637776964287065191/ Frame 9E98 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4637776964287065191/scripts.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c2fe29f6a151348e2354506acc45406eed6295eca14b58c81cf7d14cdb4420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4637776964287065191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 06:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28740
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:57:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 06:04:06 GMT
truncated
/ Frame 9E98 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame EDB0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkxeWuIWMYtLHLN2V3gO7gYxoAAAAADgB4AQC&bg=!VFelVxPNAAZ4vKt9WLw7ACkAdvg8WutSWtUqU22m-wUhHORz6XwKiJervq5ysMHiem3Jrb_w65kTkwIAAABSUgAAAAFoAQeZAtKEn6qKevbhLOUCeBQf1j_HcQengNZhBeXLfc4tniPeOw7XOKtfsCLJGIVOkpemDMDgRVtTNPYzL_Upd-KKj1NeqS2o2MKjoa1-OdRqCrOTIqtAYvRhWf-a93Pl0kCHl2WcyUf2rLZrmTqh91rkYynHP6rVL3ayEGggwBeE_fhBIxS1mELYoIdacyBxKhWpVDReYOB0YARUTD_Ie9shvHg9CiwhzpXlfdQYW-gbpJnHx0k_Y7uy0flmF6xRJdC3kIwVnAsKmt7yIjRb7jhunKv4LvjsVDsPrMw_KGVIJmf6pEjtvsi5E49NwQQPdUBYF3VgbK6z7dAZA3SvlERZ_s9EUntP1wC_qFCK_su3sOBOMB62OQxfbi3_0znUeruoYdHyWqwVQvFX0t3YQfQSSUVC3OzeLoH_7AjT6_BFEQJvdbPq5PgaxW7F0Xc-2ykY-A0vdL_0KSXKhduvEol2p_hYD1YWPwsC_PIAIkm_wuyeFWv0RTIXuWYXsHBD0LCmo3yvEYbboSTixwFCz85iakAnjOQ4DLIwcKtjSCLf674NZMplGKvY5GVLMUWHHfEypNg39aHWjQF4bD635hdiKdpxDRrmNJaWF_tvE5Et0Mg9Sx88NAmw9uh-D6n95rPQsijAVWN3PIit-JUWva6MYMjs9hmydIhuh3YL9SEvHlQAg1F2wzKdHcXauNyiyss9Jd-nyXVfawDI_kXntnpqNgVGWIJTjH6Z44r67kINjwvxfzX7-Svq8w6DVI0Xs6n78_nQh2t0DUc_-Z5MFklPOK9fZdrvvRb1Q8bIcUQVo98YdhLFT5ds3QYR3rl8WctxGD8wTNv9loQeSdJDLbYv6Dt4x7SgaLQV7Bn3bNzuTHJEXYUZBCLgDMdJVWh1WAjGDgsjcJEB3hMa8ODcMjDTTJmDZbVID0rSU0EekpkBPlxq_8OpeZIhSgk3uxZcMWUwziqxPw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3843552636836965&output=html&h=600&slotname=9485579937&adk=1499816356&adf=450038856&pi=t.ma~as.9485579937&w=300&lmt=1653376440&psa=0&format=300x600&url=http%3A%2F%2Fagatha-paris.ru%2F&wgl=1&dt=1653376440062&bpp=11&bdt=10389&idt=11&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db6b3acd4f80f0e10-22dc41b89ccd0038%3AT%3D1653376430%3ART%3D1653376430%3AS%3DALNI_MbOjzDaz5tdW5euM_786IErWTXPfA&prev_fmts=0x0&nras=1&correlator=2490958230636&frm=20&pv=2&ga_vid=1391332208.1653376430&ga_sid=1653376430&ga_hid=1321187710&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1124&ady=581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31065825&oid=2&pvsid=4305908059983610&pem=518&tmod=1856540434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=txj9zYzgrf&p=http%3A//agatha-paris.ru&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6C9B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXjnbnBICndq9rrDPk-cxMQiDsR4rH3rS5mQOxRqlQr_gmPpLZYJD6S2S5jvdUYJfphHR8eByD3FplDa7TpDsvIw-kGsr62gdDIxskhPYL--Ywee4cgF3b-cirOUZQoZRkucS2f-4XL71grVhHNWTF_pUvSU-njndkdSUTtUKNT4JCncbALrkLlkEvJ5xUgQXM8n86dKEfthKOEVMCLbZ3BoBWrWwc1SzmY0tWCrSbhSycyPxCLszWRV3zoXxjqwj1SbqGLJ6H9b04R5dxn74EdZgYu4C9zpo_XvLSy_HtZKlvt_ccSHM3e6AwiDlqXjpq0Hkl5HwBn1yDRBY2kCUGWf-xlg5E99GvLIlK_dlyDMZLimBgVTwajgtltVpHZ2xCiwiIWw1ePorxFN2ZOQnVxTllXsXGwZ6-Z2HoMHZ63UYUSExn8fqT7aLQXxCURZflzTOaFu5lgWdCz0LvQdmnbaPvmWDuqDUNreYkTkXclDu0sl_1VVoWYlfR6UaBQ_OsVEhPfXoROant3PwOGVxmoOgGS39c1khy9Rgd-u2SEAHMqM-kVIolRlhxcOweK8N5zqlOuynpfE4p16FwK8suS4LtGPLk3-ZT9_n58oiirq9E1_Z99YIjrrKYGcSjpqcL18W0chq0a4ebDnPX5LSRrHiUy5T8btH6VST145jq496Q5XLtC-7g4q9XOAxaHEJNBK9cokHP7jOWVHACtHOdf-iP9GZfFjVmERPvlLlheWKqf97hkRRJYkzbEYMB0iRIWL_cQoVBU5AJQkMwBfFwjW4lIzidkgwOn2jHAWlGi2ka-jX44RjOgajAg0R6BIq7weuc0HaqUwRpLWb-znTDiM_3SkWNzztqPwgc8SNSjZYyLIWLLw0X6LBgFB9_QkUGtnV9UCgr9AxeGUbqKE4Vuu1V5m-7ZG8p3ogD4TJbd3hErTSraRKiiA6UeDtO3TJaDBF2lZKsR8IttFTTjS4Fk5V1anuiNMdxOBXL2gjVzCkAOJWlaxvd9VPfgV6iR4KHZwglqhKdMZU6SREyg5zs5zp3POpqjCRBp_PD8qQE2QnmsjUFfNhSyRzuX_F3DabZend9OhRFnX5Mt_bhdbvT8bLhnJWH22ATwF79x3g8of19lJ9aJZ1KXkn4rTENIDigJMld_bEZiydRqaoI2LYjsYrf2wAV6K56u9-EC4p5fLYpIawlQQaHrkA-sioBYqxMXPR3wXtPMzmF72yAN9bVIUPRLEC-1KDZBMM5QUEFEyxoGnLr_ZTs25vqUrjDGUxhWJS2mQ&sai=AMfl-YRypcI4Tw89MDwWscrxkCHj8BPtV_30sdT8neeiuhVR_Blm4_LdoB8oIEUyY_WFCycIZBOX7beCY3sGO2FL6B14q67qDPqO7f98dcolFGAr-Dd20mLexSgZE5CewcSK6XDY85I-bDMr2kGg4A1O5Nc9_wfUkDMqiQ_FbiyLLzuoiOqh2VwQaJ6zibM6JmmP2GO4YAgnpn9ODevrPPQcdutHT-Efs6sHv-ujipnih3kYvAwE&sig=Cg0ArKJSzAbUrlj3ZKSvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=351&vt=11&dtpt=207&dett=3&cstd=142&cisv=r20220518.87346&adurl=
Requested by
Host: agatha-paris.ru
URL: http://agatha-paris.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 May 2022 07:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C9B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6WOUcJ5wdKLJZrHGfOhDQx6iQe97ztBfy5sAthuJ2rs6CelBRaL2-TD82BgFRfPPmDqUW0zUKKb8LhRLoGx3WmQGs1FnSV24Krwc1XFWit6OLiHkpjddeFxjw&sai=AMfl-YTGrTukVxKd-pem6bOTOb5UqdTu1DOLmwodh9rrcP9fR5dpQdA1tXUfB47z9n5JQRv7lP8pDdHjjW7tdn1CPh7-2c4sA_BZnQTo6cKLGDOy1wrhick5aZSkrHI3&sig=Cg0ArKJSzISdnMMK9LVHEAE&cid=CAASJeRouFfJ33OoAVT0Qe_gJnZYIsMTwMaZ2r2GAVH97gyx7U8eGa0&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&vu=1&app=0&itpl=20&adk=1499816356&rs=2&la=0&cr=0&vs=4&r=v&rst=1653376440079&rpt=1122&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 07:14:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELkwva0Tf-AIwMjUNdQJV28&google_cver=1&google_push=AYg5qPLeIuOQ1k6CWEQdrL2xmcXG5XZIXQYAqq3aOBMMGBkQgHs4QM6WjtV_zcWM50cskv4GXrRub9J1-QJVoHLBH8Bgzg460Pox

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _wpemojiSettings object| twemoji object| wp object| html5 object| Modernizr undefined| $ function| jQuery number| google_lpabyc object| Ya object| yaCounter47832843 object| googletag

24 Cookies

Domain/Path Name / Value
.agatha-paris.ru/ Name: __gads
Value: ID=b6b3acd4f80f0e10-22dc41b89ccd0038:T=1653376430:RT=1653376430:S=ALNI_MbOjzDaz5tdW5euM_786IErWTXPfA
.agatha-paris.ru/ Name: _ym_uid
Value: 1653376441769423716
.agatha-paris.ru/ Name: _ym_d
Value: 1653376441
.yandex.ru/ Name: yandexuid
Value: 6426600781653376440
.yandex.ru/ Name: yuidss
Value: 6426600781653376440
mc.yandex.ru/ Name: yabs-sid
Value: 2111537501653376440
.yandex.ru/ Name: i
Value: pbO/XvcAMdv72ahHYYvJ9U0TNsiRVv4pgBYFQiqYIFOUMw582/9+Yw6nPkIqnOCpcV7f9z3qto3WVa2xrqVhOomEslU=
.yandex.ru/ Name: ymex
Value: 1684912440.yrts.1653376440#1684912440.yrtsi.1653376440
.agatha-paris.ru/ Name: _ym_isad
Value: 2
.doubleclick.net/ Name: IDE
Value: AHWqTUmqQ8LBwEQhN29WQHUPh21emwdpR3FrNSAVOJT4lDfaS-xUbSSH60_2KZhcrK4
.adnxs.com/ Name: uuid2
Value: 3309023974855281448
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il^l96:9!]tbPl1M>e)ZlrFUfJ+tGXxom_%4g.AFd`rN8>Kd?N>gz_Ce-:X^UXY=nO`n*bpRz*qF1`*b`JJ*1sU/
.openx.net/ Name: i
Value: d53d4ecb-4cb5-4c89-93a2-3c87e68b0815|1653376440
.quantserve.com/ Name: d
Value: ECUBCQGbJoEA
.quantserve.com/ Name: mc
Value: 628c85b8-e9679-d5f47-a6184
.casalemedia.com/ Name: CMPS
Value: 5154
.rlcdn.com/ Name: rlas3
Value: R3ciwp8ofehNS9VTKRC0lz3DPCp357BR/yTZv4nLcAo=
.rlcdn.com/ Name: pxrc
Value: CLmLspQGEgUI6AcQABIGCOndKhAA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 078F837C-6383-4057-B2B5-BE5411875DCC
.casalemedia.com/ Name: CMST
Value: YoyFuWKMhbkA
.casalemedia.com/ Name: CMRUM3
Value: 2d628c85b92760CAESEPVZ_LmlVwgdsd650X1llN4
.casalemedia.com/ Name: CMID
Value: YoyFueKXpqWHlUIMl.ghpgAA
.casalemedia.com/ Name: CMPRO
Value: 1153

1 Console Messages

Source Level URL
Text
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELkwva0Tf-AIwMjUNdQJV28&google_cver=1&google_push=AYg5qPLeIuOQ1k6CWEQdrL2xmcXG5XZIXQYAqq3aOBMMGBkQgHs4QM6WjtV_zcWM50cskv4GXrRub9J1-QJVoHLBH8Bgzg460Pox
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
agatha-paris.ru
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.102.29.65
142.250.181.226
142.250.185.226
172.217.16.130
185.33.221.87
198.47.127.19
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a02:6b8::1:119
35.227.252.103
35.244.174.68
69.173.144.139
91.142.86.15
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
034c52a6b87610bee3c5d15af1458f0e493eac4296abcce822b5f69c3ae862f7
086281139da41fa7b41a94541bbe955dd1f804766a70f6cd940680b8d6779c1f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cebceac5a47072941655a04b3dbbf12866360c1c36e00c80d7d808185d54983
10de36cb7a7cecdfb10faad0f1ced1def2a4eee7d82b7e87b953a0eb041e1dd2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1e71070868326b43ad51e79a87718aaa49053805a6eee311553934b73323dbdf
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
24fc18f6a3d707e50e4a1299c39eacf4380e95a0005c838d71e7a6af7b582e1b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b4874056f0d1f27a92be9ad8009a3527e341bd9a38159d9d560f3dd576906a9
2ed6f36b9dea935018c72722007ba29e7141396abf0e5761f11a7e2d64fc1a8d
3464d6c748ffa74b09788f0aafaeca82b9c21d8751a2cfc0f15a372b494b1a68
37274b8015b9a675b96d2d7305be083be7327e4a1ba7a1fc130adaf596524031
3faf3fe4c2878c73880726cb5fd9403d399c61749287b951ec9f46c1a876f288
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
47b2b704a2aac37bb4fdf7784f85c141acf9062b1212638650afa33bbbf28ad1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a568dd38faab6f8c28650ccd35b84a08cc25ab46533a618890e1d99b0c6c0c
57c2fe29f6a151348e2354506acc45406eed6295eca14b58c81cf7d14cdb4420
5930f4294aab3f4b35b54f89e95e3f4b3fdbd78775f1c708ec3c55b8b98e1815
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6e3f48fa5eb51b5d932e0e5c2c1cfe293246aee79fccce615a7553235ba07ab1
794d41edc7ab949a6f34fe8df45a407ca22cd6901d0c5a56fd5c8d862cc1cf26
7aefdcf55208fe22623f31339885cab179dfcfea495423e4b394ea41da3eb0fd
83931a7c835c428ba6e2386215bfb43534184eab734a3be64441ced73773543b
84654d2d2ed1a54feaeb8a508455d751e18bc5432e106a55402fb1730d08a5c6
88f771638ccf139cb939e8dcee4fe865abc975cea143da662800b58174768b4b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cdc49e404d1bb73e1c5247595f3982fc3150e5b1a5ba594b79623e1f7fcec45
8ff9b8e600f926870de9930319571956f12f92bc3ecafa345907b0487ed93ba6
9036d3f4ce856350ca16309b043178339706ccc15ec88c142888b8367de35ec3
990df763411d149deb4ccf5fcaac6b826564ab085ad4a8e0909808379333efb1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db93b0c77da6ae5a857679304b1dfc1368e475452a3359074e2170362b31c04
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3ab7d20d01d7749ba4c3ebcff1a6d78a002348e2d28587ff28df124d988be3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e5abcf1592a72bddd007525b1f9b62679a5d5ecb7eb3af50f72e68a924fa0b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be037a4ef5970e9e7b7627cf0fff3d912ed313bc73be91d07878549fe30681a3
c94d94ea5d85c1b8ecda0d8b7831e579774905833078a90ac75747b956175665
cbe53415f0a681aa0dff918aa261056649122716050d6b925b37289987855b58
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d068e3bba9d98be18778ae41253d68ebab01e8528dad379fd05009a05b1c757b
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d67863c3fd64fb3a547da63bd0b255b6a9be15ec1df61ec40daf39672b470c84
d6cf043c1df69a6d18b90ca67b0c71798eed5b3a9b949a942139a6e49e347285
dac1281326b0138e3229d76a1e309f4db4edb70fe6dc27cd98f20a3597edb06f
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df34f69348a9db46af7344f254487dc001ba755342bac153c309906ec82192bc
e2e55474074fbf6ab576906fb6ebe49297f02c40de05fc8b297624461e97ac1b
e347a337e3801f276e5fbf5de50cf81d49b0369b9444895b7670346f578c1855
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4e09cffc281f913fa4e0040a6141ce36347bc6ca4cbe093a00e1be562f0583a
e521c88b80de958c0dc19626569fa2b0dd20f00da067186301144b478b4d739c
e78852382900f049141022bd0a8a984208e4d24b2a78be8f3275a1bdcdc90194
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f73491a07aed198c24b8c48e94d9cef40fdbc7abd6807a0e7992d38280d02c39
ffaf2df0e7f7a17b9febfca331892c2b34635011b9f0c382b0f9c725000eaafc