au-donetsk.ru Open in urlscan Pro
2606:4700:3030::6815:1c18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au-donetsk.ru/
Submission Tags: krdprod
Submission: On November 27 via api (November 27th 2021, 5:07:14 pm UTC) from JP — Scanned from JP

Summary HTTP 117 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 21 domains to perform 117 HTTP transactions. The main IP is 2606:4700:3030::6815:1c18, located in United States and belongs to CLOUDFLARENET, US. The main domain is au-donetsk.ru.
TLS certificate: Issued by R3 on November 24th 2021. Valid for: 3 months.

This is the only time au-donetsk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:303... 2606:4700:3030::6815:1c18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4004:826::200a	15169 (GOOGLE) (GOOGLE)
1	23.108.96.47 23.108.96.47	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
6	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.217.175.2 172.217.175.2	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:819::2001	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:821::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:81f::2004	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:813::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
5	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
4 6	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
6 6	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
4 4	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
2 2	52.194.50.162 52.194.50.162	16509 (AMAZON-02) (AMAZON-02)
1 1	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
1 1	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	103.231.99.78 103.231.99.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
117	19

31 2606:4700:3030::6815:1c18 (United States)

ASN13335 (CLOUDFLARENET, US)

au-donetsk.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.96.47 (Atlanta, United States)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

tneduf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.175.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:819::2001 (Australia)

ASN15169 (GOOGLE, US)

42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:821::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81f::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:813::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.175.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.202.26 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.193 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.194.50.162 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-50-162.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.11.95 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.214 (Russian Federation) 1 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.78 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	au-donetsk.ru au-donetsk.ru	430 KB
30	googlesyndication.com 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	299 KB
14	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	228 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	83 KB
10	yandex.ru 3 redirects mc.yandex.ru	68 KB
6	mookie1.com 6 redirects odr.mookie1.com	3 KB
6	bidswitch.net 4 redirects x.bidswitch.net	4 KB
6	google.com adservice.google.com www.google.com	2 KB
4	tapad.com 4 redirects pixel.tapad.com	2 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	zx-adnet.com cdn.zx-adnet.com	20 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	agkn.com 2 redirects aa.agkn.com	743 B
2	google.co.jp adservice.google.co.jp	914 B
1	adriver.ru 1 redirects ssp.adriver.ru	338 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp	680 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	538 B
1	googleadservices.com partner.googleadservices.com	247 B
1	onetrust.com geolocation.onetrust.com	399 B
1	tneduf.com tneduf.com	19 KB
117	21

	Domain	Requested by
31	au-donetsk.ru	au-donetsk.ru
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	mc.yandex.ru	3 redirects au-donetsk.ru
8	securepubads.g.doubleclick.net	cdn.zx-adnet.com www.googletagservices.com securepubads.g.doubleclick.net au-donetsk.ru
6	odr.mookie1.com	6 redirects
6	x.bidswitch.net	4 redirects
6	fonts.gstatic.com	fonts.googleapis.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	pixel.tapad.com	4 redirects
4	www.gstatic.com	42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	www.google.com	42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	cdn.zx-adnet.com 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
4	fonts.googleapis.com	au-donetsk.ru 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	cdn.zx-adnet.com	au-donetsk.ru cdn.zx-adnet.com
2	image6.pubmatic.com	2 redirects
2	aa.agkn.com	2 redirects
2	42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.co.jp	securepubads.g.doubleclick.net pagead2.googlesyndication.com
1	ssp.adriver.ru	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	tneduf.com	au-donetsk.ru
117	27

This site contains no links.

Subject Issuer	Validity	Valid
*.au-donetsk.ru R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tneduf.com R3	`2021-11-26` - `2022-02-24`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
micuenta.kioscodeseguros.com GTS CA 1D4	`2021-11-11` - `2022-02-09`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://au-donetsk.ru/
Frame ID: 801E904ABE57285E4EDF2AA8D4EEE112
Requests: 60 HTTP requests in this frame

Frame: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1333CF027B92E25FEA84B3DBD9CAD380
Requests: 1 HTTP requests in this frame

Frame: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B6B7566100E20A2EC14FF959A9683DF
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%91%E3%81%8C%E3%82%8B%E6%9C%9F%E3%82%82%E3%81%A7%E3%83%86%E3%82%BD%E3%80%823%E3%81%AE%E3%83%AA%E7%94%A3%E3%83%BC%E3%82%A9M%E3%83%B3%E6%A5%AD%E3%81%BE%E2%84%A2%E7%B6%9A%E9%95%B7R%E4%BD%BF%E3%82%B9%E3%82%8A%E5%8F%96%E6%89%B1%E3%81%AF%E3%81%84%E3%82%B7%E3%83%97%E3%81%82%E6%8C%81%E7%9F%AD%E3%81%AB%E3%81%99%E3%83%95%E3%83%9E%E3%83%A7%E3%80%81%E3%83%A5S%E9%96%93%E7%94%A8
Frame ID: 7B301D9122DEDD3E236C42E0E97D1388
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1029F2D131E56631C45B2AB6319FFCAE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14CD507747943309CDD1B73166E5D459
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTGoK1Hu7p18iwtdwQ4BEKzLKJCB8NxJPeNdHSB_gD-XAQp10gvTZK2ai6zyow0J0_I3TezDWIo8WWBI-Qjz9ETQZs2dI9e6uiAsEAwcwEkHL4bfePkGKmsHNRr0F4pdCiZZNXqTIrzQCGg08Dgeq5-KnQ36d7LDsLykvvodXrpvvt_f2HODg6HoBQ7-C4yMDttQcdZMBs1qZjcNpGJlene2EajopH6O2NbUcY1e3zSvcgG_trEXIv0GxpA3V9TF-2hkAfGQ578i_SO-xlx6DBmyxgW9KyMXAkKjSvPcCoXUGuoBMDFzl1xT7namrNPvQ&sai=AMfl-YRrTSN4gFpWqvNDqesZRHaKZn6nj5SpwtADhye0lOU80FuRPdDbjyJxTWZGuLGZfuZUqjXUJNgTCg6qqltYfOgup91AdhLWrYLToT-8Z9LvqTcewVqFX_t4hgfqo38&sig=Cg0ArKJSzCtsHRyfBFVEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8E53C874C3C79433790E60DB7001E7F5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=zxscth_overlay&adk=2330404427&adf=816031633&pi=t.ma~as.zxscth_overlay&w=1200&fwrn=3&fwrnh=100&format=1200x90&url=https%3A%2F%2Fau-donetsk.ru%2F&ea=0&flash=0&fwr=0&rh=90&rw=1200&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638032830215&bpp=11&bdt=117&idt=227&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&cookie=ID%3D67a70939ab9b66b2-22c27a8946cf0061%3AT%3D1638032829%3AS%3DALNI_MZyuRZc6M-JsGuWs2oxzUCqYIK9kA&correlator=2542536986096&frm=23&ife=4&pv=2&ga_vid=1862247512.1638032830&ga_sid=1638032830&ga_hid=1771976287&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=0&ady=1183&biw=1600&bih=1200&isw=1600&ish=90&ifk=1415515115&scr_x=0&scr_y=0&eid=31063183&oid=2&pvsid=984481737101638&pem=852&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgso1dnvnk7o&fsb=1&dtd=243
Frame ID: 50A4351AA312073F0110FCCDFF38591C
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E62F4C06872AC03903D14CF014891E48
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: BDB2BEEEC335C898B0A39B52F0B6BC31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AF944224B1465084C0C156E7DB238DB8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7952A035EF0B907DEE3BCB5A6D088D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Попугайчик - Всё про попугаев

Page Statistics

117
Requests

91 %
HTTPS

52 %
IPv6

21
Domains

27
Subdomains

19
IPs

4
Countries

1287 kB
Transfer

3206 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://mc.yandex.ru/watch/71712652?wmode=7&page-url=https%3A%2F%2Fau-donetsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49x2vr%3Afp%3A4155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1075590193764%3Ahid%3A503296322%3Az%3A0%3Ai%3A20211127170709%3Aet%3A1638032829%3Ac%3A1%3Arn%3A893148677%3Arqn%3A1%3Au%3A1638032829754276232%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638032823789%3Ads%3A0%2C11%2C2760%2C1%2C0%2C0%2C%2C1388%2C3%2C%2C%2C%2C4945%3Adsn%3A0%2C11%2C2760%2C1%2C%2C0%2C%2C1389%2C2%2C%2C%2C%2C4945%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638032829%3At%3A%D0%9F%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B9%D1%87%D0%B8%D0%BA%20-%20%D0%92%D1%81%D1%91%20%D0%BF%D1%80%D0%BE%20%D0%BF%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B5%D0%B2&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.ru/watch/71712652/1?wmode=7&page-url=https%3A%2F%2Fau-donetsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49x2vr%3Afp%3A4155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1075590193764%3Ahid%3A503296322%3Az%3A0%3Ai%3A20211127170709%3Aet%3A1638032829%3Ac%3A1%3Arn%3A893148677%3Arqn%3A1%3Au%3A1638032829754276232%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638032823789%3Ads%3A0%2C11%2C2760%2C1%2C0%2C0%2C%2C1388%2C3%2C%2C%2C%2C4945%3Adsn%3A0%2C11%2C2760%2C1%2C%2C0%2C%2C1389%2C2%2C%2C%2C%2C4945%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638032829%3At%3A%D0%9F%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B9%D1%87%D0%B8%D0%BA%20-%20%D0%92%D1%81%D1%91%20%D0%BF%D1%80%D0%BE%20%D0%BF%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B5%D0%B2&t=gdpr%2814%29ti%282%29

Request Chain 46

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SCTH%22:{%22au-donetsk.ru%22:{%22https://au-donetsk.ru/%22:%22%22}}}&r=0.896419224637294 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.896419224637294

Request Chain 48

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SCTH%22:{%22au-donetsk.ru%22:{%22https://au-donetsk.ru/%22:%22%22}}}&r=0.6696736778354961 HTTP 302
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.6696736778354961

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBZE_qGMaceLfprDUlXYtxE&google_cver=1&google_push=AYg5qPJsXDEtf4wvpv_m9D9EwqzCfyMSpYw-wPXzyPKd_gXb84g2aRKSEv9KiqjwGDqVQoblRQ_tHvb8VJpcXVJqtrC2muAYdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZE_qGMaceLfprDUlXYtxE&google_push=AYg5qPJsXDEtf4wvpv_m9D9EwqzCfyMSpYw-wPXzyPKd_gXb84g2aRKSEv9KiqjwGDqVQoblRQ_tHvb8VJpcXVJqtrC2muAYdQ

Request Chain 97

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPLlUmL9ETK6T-COPNWxZc_jdcxzkvRMqINRj2MLaSPrSM5b2qRDXf2Qhv2mjEYMhn5Dg1YIl_k2BRyAzaQjb7DxTFQZYx4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPLlUmL9ETK6T-COPNWxZc_jdcxzkvRMqINRj2MLaSPrSM5b2qRDXf2Qhv2mjEYMhn5Dg1YIl_k2BRyAzaQjb7DxTFQZYx4 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=11d1d22b-fc52-4844-bb00-2e54b60a632a&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525264174786499515&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525264174786499515&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f524fd08-d0bc-4e82-bbf6-0d11658cd35c&ssp=google&gdpr_consent=&gdpr= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164570203983002124904&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

Request Chain 98

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEJA9kS7Si39mh5Icna5v5Co&google_cver=1&google_push=AYg5qPJgio4Ziyd-eNJtSewvK828Oc1gfZISQl3soLtbERn_dIBKeSYpSX7rdRlFisXsTENOuflfeYx5waVGfP7z9L5N7rHwhYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AYg5qPJgio4Ziyd-eNJtSewvK828Oc1gfZISQl3soLtbERn_dIBKeSYpSX7rdRlFisXsTENOuflfeYx5waVGfP7z9L5N7rHwhYQ&google_hm=NHZtSDdCMDBJQkRHYTAwN1FZdm0

Request Chain 99

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPK2ARe5YQbXwyfZzcfIejpn4zfmQ4ZG02RFe7iO-DIFxMHmP9rlpY4BjrYThdbTulkLb3nrbnnzmsqY7RZNRhINeUkBkhU HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPK2ARe5YQbXwyfZzcfIejpn4zfmQ4ZG02RFe7iO-DIFxMHmP9rlpY4BjrYThdbTulkLb3nrbnnzmsqY7RZNRhINeUkBkhU HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=11d1d22b-fc52-4844-bb00-2e54b60a632a&ssp=google_jp&gdpr=&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522801270800673629&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801270800673629&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgoogle_jp%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f524fd08-d0bc-4e82-bbf6-0d11658cd35c&ssp=google_jp&gdpr_consent=&gdpr= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164570303983002128195&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

Request Chain 100

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEOUCvX_et5EBTAf6azsDB_8&google_cver=1&google_push=AYg5qPJZcQxHdJbXNHCvPzCvF8fLh5_RZXU_lNZknnS8defBFZpzrnvHsbYW3KcjPYC4XTRq_jvs0THs0XxgWxHO9QQRmbxpKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJZcQxHdJbXNHCvPzCvF8fLh5_RZXU_lNZknnS8defBFZpzrnvHsbYW3KcjPYC4XTRq_jvs0THs0XxgWxHO9QQRmbxpKQ&google_hm=QXRZQXhYQ0p2SVR6dFpGUFdTM3g5cFE=

Request Chain 101

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGCriv8-wL1Lykt4f3J5uAw&google_cver=1&google_push=AYg5qPJFht4jd-Cn_hYPYdw2fpAkEm8jzKNdhCty_ishRZjpmCTKcIcLzbpBNOYAUrhB-9xaQMukggnAgCAJHIUIp2kXCc_i0F0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGCriv8-wL1Lykt4f3J5uAw&google_cver=1&google_push=AYg5qPJFht4jd-Cn_hYPYdw2fpAkEm8jzKNdhCty_ishRZjpmCTKcIcLzbpBNOYAUrhB-9xaQMukggnAgCAJHIUIp2kXCc_i0F0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-CzpTHNKT9qNnYSjyOfo8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJFht4jd-Cn_hYPYdw2fpAkEm8jzKNdhCty_ishRZjpmCTKcIcLzbpBNOYAUrhB-9xaQMukggnAgCAJHIUIp2kXCc_i0F0

Request Chain 102

https://cc.adingo.jp/adx/push/?google_gid=CAESEHKcsTuP7q6DqNdxsCwLJ2c&google_cver=1&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10

117 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
au-donetsk.ru/ 56 KB
10 KB 2771ms
2759ms Document
text/html 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c4092ef4a2a2daba2ae8b4db78175e96339ce0b06d75ac3976d53a0a2ea4e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0
expires: Sat, 27 Nov 2021 17:07:06 GMT
x-rocket-nginx-serving-static: No
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4L65l2lcgMnOzejPNBvxcbCRXJCK6b9r%2Fa0RGtFHDEakftLQt0tIDR3SQnYsN9duo9DGWU8FBqQasb2oPB0oBJZnz4VpyR2lACDZ4TPJ%2Bz3ZoZxJ91i4EhuefvMHvGbbkc7M056bu3qSJOw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b4cf35ccb701ecc-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 043017735fbaed9c34cccbae440d6112.css
au-donetsk.ru/wp-content/cache/min/1/ 158 KB
32 KB 1288ms
1288ms Stylesheet
text/css 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/min/1/043017735fbaed9c34cccbae440d6112.css
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845d6582db3471bc1d8af85c03d68697f55a5c8fc9a3e0f09523a7d2344e0947

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 01:25:30 GMT
server: cloudflare
etag: W/"610b3e0a-276ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP5ca4PaqzQXZ1KMAsGeiGUk%2F906GAzs7pJcTtdeM0h4%2BRmB4vx2OA1sblbrI30sjkLETFBNrz3REevsma9lJ5UMUEbA9XKPoQpHeunwtX%2BzIWcEx0FwGPQjs5XFuYPp0OjGifJbg5zIHPp6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-rocket-nginx-serving-static: No
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4cf36e1b5c1ecc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 78ms
39ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=1503ada37b0ee83ab798c31a7dc7ea4e

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29bc8d1584c12a05db9ac9637886359eb8688bb718cd946ff177dcca7cafd81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 17:07:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 17:07:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 17:07:06 GMT

GET
H2 200 jquery.min-3.5.1.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-includes/js/jquery/ 87 KB
32 KB 16ms
16ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.5.1.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBKiLgPhIdSAHqAddPGDd2GBa%2FnvChVXh5LBKDwKasuby6eANcppVWuhtxSKysmFuJXg0SywSSXuEyPVMeLk3sjdP2Wfb5a6z5W91wE17lYO2tHQ3wq9713R7Mg6f7LdYnGw1aSCmowZaB7W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf36e1b601ecc-NRT

GET
H3 200 base.min-2.2.1.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/ 64 KB
22 KB 15ms
14ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min-2.2.1.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1536aea35ab05c539a51b3a46d50931a2970ec90e881b2fe3d0dbd02b80ba7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-101ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMA0ZDRf%2Fvz%2FulS%2FKUR7n38m%2Bj2vo1HPObXBbve54Yy0wGqM%2F0dPheVR4AZQf%2F0JnujnfN6PuuFNJjhwoVzqVhMiqSA2vlnOlIKKCtQe%2FO1yrzROsDtsrkWUoy6PmyQWL%2BoRQCB59NpRSmQ8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf36eaf2a20b9-NRT

GET
H3 200 advanced-1.10.7.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 11ms
11ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads/public/assets/js/advanced-1.10.7.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec13e85ea4fc62c5020385ee8e4248095d587407f3ec6a4999a04d858dad84fa

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-1c22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHEESHktsGJLSXKVtH4GlFUpSSwaap0NggxG0WRZ14WKvycS5Rre6OvQya5ZI5zUbzjta%2FFtjVF4hmCEVaxwTgZlCGWYY0GcinfgqFS6fK4JEkwstYInSAJG2Fvr4u6dHoo5msKWs8hiWzjz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf36ecf8720b9-NRT

GET
H3 200 script-1.8.3.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 3 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-responsive/public/assets/js/script-1.8.3.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-b92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3vIzgqkPR6giLaHfg9uGXIh4CZTC0gkC246ISHfRcWZBwxf9VA5Y1OZMVM1YrX2ry2MfP%2Bk2qp46y9A2M%2B9cJ3bRSIZRFcNYSz4n3opSKAxlks7yDn%2BoT1Sy6BmEej7tA7FNcFlStQb%2BOSv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf36eefd620b9-NRT

GET
H3 200 conditions.min-2.2.1.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/ 776 B
820 B 10ms
9ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min-2.2.1.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXazgIFuQ8LigRBOKyJuIpWdtwU16BBHTduWGd%2FjqmTGi%2BP5lChEpSZD5w2BEpFv9m1nNeRHTByXtqhd4On315tiries8lr4amBOSEpCYcKDFRcLCc%2BK%2BRsH%2BtOikckkNzYdxK9nHrJ4ltzH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf36ef81520b9-NRT

GET
H3 200 cfp.min-2.2.1.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-pro/modules/click-fraud-protection/assets/js/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-pro/modules/click-fraud-protection/assets/js/cfp.min-2.2.1.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754970eaac11fed3c9d4af1cd0c433507dc6886aa484c4530d17b3d6c73d1b1d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCdFskElEci7vHTWs2Ukf8EDHkBUFRzHdQjR0w5i6OILU4liEEL15A58QfzXvtspHbkAsQJR6SeIe%2BdUUz6agyMtGuHRid1maIzWxgt4ugV7esE0YvPRwo70z5uzEQN%2BR%2BFcw9ts0eLCi%2BRH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf36f084a20b9-NRT

GET
H2 200 ykpf2d7.php Show response
tneduf.com/nvh17l921/vlim0p03y/h8q867qvu687/ 58 KB
19 KB 283ms
138ms Script
application/javascript 23.108.96.47
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://tneduf.com/nvh17l921/vlim0p03y/h8q867qvu687/ykpf2d7.php
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.108.96.47 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:06 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 11:24:32 GMT
server: nginx/1.14.2
etag: "61714df0-4abc"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19132

GET
H3 200 1.png
au-donetsk.ru/wp-content/plugins/wpfront-scroll-top/images/icons/ 2 KB
2 KB 11ms
11ms Image
image/png 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/plugins/wpfront-scroll-top/images/icons/1.png
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700cbde9afd7ae03f3222672a02f8b9957d0aece201f6cab99f77c1103630edf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1669
last-modified: Sat, 30 Jan 2021 16:51:15 GMT
server: cloudflare
etag: "60158e83-685"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihVk%2BfPv09u8mbLj4zDHvqTbOS%2FkEqmdbJa%2BV%2BtY8afd%2FsLLt0fRuQuhhKt8%2FeJprfDDmmS1ZjmmWT6HPC5FhFwpswyzfic3VXCRMIwonH8G6a%2By%2FtntAwRYwDOjwNScAeXvDwNLshzOK%2B%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf370eba520b9-NRT

GET
H3 200 layer-1.6.2.js Show response
au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-layer/public/assets/js/ 26 KB
7 KB 10ms
10ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-content/plugins/advanced-ads-layer/public/assets/js/layer-1.6.2.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4505d8c682a796cf6bf1101374e0fedad0e1b29e6f7d19c0ba7e8e6bead61134

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 05 Aug 2021 01:21:46 GMT
server: cloudflare
etag: W/"610b3d2a-69c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf4QPi2CRH6lJPdoz8F0OxvtqQy6O6lYMftPA1kF79r8KOP%2FIW1KRr15ccWYwEiYCOoNTDq%2FvOGoyPqarSbkVhsS0exJ8CnTcmZ5ti%2FZjRHqSv3SNrUTj84hUltfBQk5ASINsTKt23Hpruj6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 6b4cf3710bba20b9-NRT

GET
H3 200 87dc446c89c1db978e1cff12e77210c8.js Show response
au-donetsk.ru/wp-content/cache/min/1/ 219 KB
65 KB 1651ms
1651ms Script
application/javascript 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/cache/min/1/87dc446c89c1db978e1cff12e77210c8.js
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa4bdef2f815bb00274ef6cb7a86b646b9a3235eadb130a2cd54964b460c38c6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Aug 2021 01:33:54 GMT
server: cloudflare
etag: W/"610b4002-36bd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qAdsaKHZ%2F7wvmBVQCyBrhx%2FM%2BHwJD%2FzQQvBkfhIxi7q9HxG0dXz%2FzYdNKuHINiiVZrqwjewOp64pL5%2Bj1SK40oTbSAQ%2F4DXs3FG5jlZUdnHy2xg%2Fw4V9xKjTjohN89DsRRNE8CfbjRPUlhv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-rocket-nginx-serving-static: No
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b4cf3711bd420b9-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 794ms
265ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6458fab983f3066177cb670793ddbddda489a90491a7f4a9ca9c7f9c96677236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:08 GMT
content-encoding: br
last-modified: Fri, 26 Nov 2021 15:51:55 GMT
etag: "61a0d86b-101b9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65977
expires: Sat, 27 Nov 2021 18:07:08 GMT

GET
H3 200 loading.gif
au-donetsk.ru/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 12ms
12ms Image
image/gif 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/wp-content/cache/min/1/043017735fbaed9c34cccbae440d6112.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/wp-content/cache/min/1/043017735fbaed9c34cccbae440d6112.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1690
last-modified: Mon, 01 Mar 2021 15:46:09 GMT
server: cloudflare
etag: "603d0c41-69a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGlRQa3q0ua3YUMMNy%2FQJjAGXGa6IQxPsv6uZ4KHT6NaYN1jL6aat4NjtjPE6Ia3k2oBR%2BJvPl%2FVp6272HEf87ACYw13BE6Gj9%2F6edNNQJzzOi1wVG9wAm9HA%2FL0y0oncWXjLIcWxQE2bniH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf3766e0620b9-NRT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 58ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=1503ada37b0ee83ab798c31a7dc7ea4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au-donetsk.ru
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:10:37 GMT
x-content-type-options: nosniff
age: 266190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 15:10:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 148ms
93ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=1503ada37b0ee83ab798c31a7dc7ea4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au-donetsk.ru
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:09:36 GMT
x-content-type-options: nosniff
age: 266251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 15:09:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 59ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=1503ada37b0ee83ab798c31a7dc7ea4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au-donetsk.ru
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 15:52:56 GMT
x-content-type-options: nosniff
age: 350051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 15:52:56 GMT

GET
H3 200 fontawesome-webfont.woff2
au-donetsk.ru/wp-content/themes/root/fonts/ 75 KB
76 KB 16ms
15ms Font
font/woff2 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au-donetsk.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/wp-content/cache/min/1/043017735fbaed9c34cccbae440d6112.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://au-donetsk.ru/wp-content/cache/min/1/043017735fbaed9c34cccbae440d6112.css
Origin: https://au-donetsk.ru
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
last-modified: Sat, 30 Jan 2021 16:51:14 GMT
server: cloudflare
etag: "60158e82-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2zZOfU5yTvtVZ8NXGjsNQib14ikNQQyNOu%2Ft9kxjQvDdcJfX9jUwULxsTd%2BdyeK%2Bf%2FSb14abXNWp2eHDSQc8EbAEP6r135tJQ3HC4MtDyaJxh99f%2BbiKqlOhAgHf9thE9SYCOTiA0U9izOr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b4cf3767e1e20b9-NRT
expires: Mon, 27 Dec 2021 16:59:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 128ms
89ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=1503ada37b0ee83ab798c31a7dc7ea4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au-donetsk.ru
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 15:43:50 GMT
x-content-type-options: nosniff
age: 350597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 15:43:50 GMT

GET
H3 200 lazy_placeholder.gif
au-donetsk.ru/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
648 B 90ms
89ms Image
image/gif 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 470
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42
last-modified: Mon, 01 Mar 2021 15:46:09 GMT
server: cloudflare
etag: "603d0c41-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCY3B7HSQSNLZ%2FcSa7MV8U%2F%2B676UbpkIWY93UPeNhTFn09pPcQ4gsx8%2FtCABky2kWsaku2ghBgnN9k1RjJu1EOgx2X5BxQL7SY7gXQSfSj9llgxttEdFePpUnc0TqAggG0BVnyeNmESS52kW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf3769e5f20b9-NRT

GET
H2 200 scth_4584028778.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 169ms
2ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/scth_4584028778.js

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.5.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

193c63d085380a570118f653663253817ce32c1b683be824eb87b2a40e534c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 26 Nov 2021 16:24:22 GMT
x-timer: S1638032829.911008,VS0,VE1
etag: "2921181e5613a88a48a02df712c9315f6e0d9732f8403e7f28994b409c923187-br"
x-served-by: cache-hnd18739-HND
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sat, 27 Nov 2021 17:07:08 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19554
x-cache-hits: 1

GET
H3 200 kak-narisovat-koshku-master-klass-s-instrukcziej-dlya-nachinayushhih-hudozhnikov-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 7 KB
8 KB 544ms
544ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/kak-narisovat-koshku-master-klass-s-instrukcziej-dlya-nachinayushhih-hudozhnikov-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd0a4ce43eaba0a6287a45037d7cd4041d1d9e68b788ed1fa8a821792fb678d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7256
last-modified: Thu, 05 Aug 2021 01:13:25 GMT
server: cloudflare
etag: "610b3b35-1c58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vxxJcZ0MV3SsL16wgLlZDT9NLK6tzyGGEGjfci0BaMRjp9w4nYM6qevi%2F27aMPrFuKbWRi2iyHoVbWZpplbS7XMYcN6wUBEYz1iSh%2BNp2YC6LEfRoA%2B3k1d1zGRB3t8SBYdg%2FKbaA%2FzOzL8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7220b9-NRT

GET
H3 200 aff11be9d5ca7470cd1050a157465485-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 11 KB
12 KB 555ms
554ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/aff11be9d5ca7470cd1050a157465485-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a725933a8a9cf7f7581417c946032dcd7ca3121d10d87570a8d245e7b4568676

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11219
last-modified: Thu, 05 Aug 2021 01:10:05 GMT
server: cloudflare
etag: "610b3a6d-2bd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnHfAZ2nc46a3c229vj8buaUTo8DJSr2B3EGI4W8bXIegnCcZdfe2iHf%2BJ891trtvaoXwwsAFnb%2FCQdw%2B47KdgOY61jP3rxWhIQEH1bB5KkhNx1LLMYwh5iJmOAmYQdozrHP0TzSqWTscy3R"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7420b9-NRT

GET
H3 200 chto-delat-esli-sobaku-ukusila-zmeya-pervaya-pomoshch-i-dejstviya-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 12 KB
13 KB 577ms
576ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/chto-delat-esli-sobaku-ukusila-zmeya-pervaya-pomoshch-i-dejstviya-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3087fdc4ab7d08abb1406b98bf1eb477ae8f43c4211f30bedd253ec4cd7b17

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12309
last-modified: Thu, 05 Aug 2021 01:10:19 GMT
server: cloudflare
etag: "610b3a7b-3015"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLpQiaRbrqJaHXyRVQtD0T95Vg25DNDGBq%2F8rqkxs%2BfaJyx9tt%2BDAKk91%2F6NrGS3hJQWxdXg2mq%2FfFoT1FB%2B%2B0jbkfaORlGClkLhoyZtubxkA%2FxyKNAOPBERAS3Aln9PJpwrYI0OoApi0axA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7620b9-NRT

GET
H3 200 akita-inu-uhod-i-soderzhanie-4-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 8 KB
8 KB 552ms
550ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/akita-inu-uhod-i-soderzhanie-4-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b58269396056b27623791853396b3512bead8866f4fab1335d29c241f16d21a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7824
last-modified: Thu, 05 Aug 2021 01:10:32 GMT
server: cloudflare
etag: "610b3a88-1e90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lArmeFmqHTqDookuzfvLRwe9iUa40QTvPf0usPzTTSIVWP4sCcX63ffmqDJrcoAVVkjF1X0qU0dRXxB8ZyFrFwjylkBJ1%2BtLIQ5mITf9%2FAwvPwqrzo4JRpTirGYhABu2DH8G5ujJZPKUhJxb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7820b9-NRT

GET
H3 200 prichiny-vzdutiya-zhivota-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 13 KB
14 KB 780ms
778ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/prichiny-vzdutiya-zhivota-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481834d271b3e0eb49cdb7f2f9470472c554ef071b6edd7fc1e9ee4d1d9f2f84

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13622
last-modified: Thu, 05 Aug 2021 01:10:29 GMT
server: cloudflare
etag: "610b3a85-3536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLBolIlgUZ63D1lnlqofPf3GnvjnjJ7g0HoSXvyiX5DuYlbQ%2F%2F%2Bm%2FJNyCoVgAtWbDNs8gHAZnye8huy%2Bdx445zx5oJebIYaScFCOUkoEwKa3etgNp%2FMirFd3Y4XCyyEhx7uoupCME0yznSXj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7920b9-NRT

GET
H3 200 1-sobaka-roet-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 9 KB
9 KB 517ms
516ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/1-sobaka-roet-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e7609ddc3e6d66aa390c3b7630fe222c44cdf7c720c395dc10c71c923b2b7c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8900
last-modified: Thu, 05 Aug 2021 01:10:25 GMT
server: cloudflare
etag: "610b3a81-22c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAV6WwsScDZbH1KkzjfimtfLWF72R7CnA9kwosQdXhnjSpQrC04JVEYCyxwQKRDAJ%2FQ2HmD5PhGY70rfOy1un%2BCNXussTmgPaGaIMzIK9FDIbjwjFZ4sHkCnA1XFXDvtHZL8%2BlFGm2I%2F9vUz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7a20b9-NRT

GET
H3 200 1115-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 13 KB
13 KB 580ms
579ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/1115-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb86d0456a1eb2f524254ef3882654e619ac587bf924339eb94e940398b32c01

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13059
last-modified: Thu, 05 Aug 2021 01:10:27 GMT
server: cloudflare
etag: "610b3a83-3303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BU5Mh%2BGcN8JE0P3%2FJKCgYDREqf4YE9ZWZAOFdLempBws1jyqe7N9YqT9czA5YEuGu6FibmxfKOw3nRc8gkpOvcu0zRYbeSGdSD1Q5VwWQ0sT4babHmexVrvl1QxeTLVsIJ8yLA5aoT4jJHW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7b20b9-NRT

GET
H3 200 2ff58f7f321e8f64f11a3200ca1cc3f9-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 17 KB
17 KB 526ms
524ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/2ff58f7f321e8f64f11a3200ca1cc3f9-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a905312f3cbfa16f45c65b111cae5664e6e9203ad22e56c63d4e1bbbb6633193

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16928
last-modified: Thu, 05 Aug 2021 01:10:11 GMT
server: cloudflare
etag: "610b3a73-4220"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjPQQiDyXfRtUhRRuqIYbISvMZeLO6hPdT8kg62fwSqzXIPaTPHBNJmiyy0GcwcaA%2BILRyTWxm59l9ZK1FTX6T4nfKuJ8pzAzQIXyK%2FQLl%2BtVmFYzc9RD4djaeW9up0%2BpPU4mxhoV9BYg8WB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7e20b9-NRT

GET
H3 200 poroda-linda-v-vozraste-8-mesyacev-nachinaet-otkladyvat-yajca-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 13 KB
13 KB 306ms
305ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/poroda-linda-v-vozraste-8-mesyacev-nachinaet-otkladyvat-yajca-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6619de9c8c82cca8a64553f216e79034657c0eacb8688b15a99054d89cdeca32

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13063
last-modified: Thu, 05 Aug 2021 01:09:41 GMT
server: cloudflare
etag: "610b3a55-3307"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL7R5Fssle1ZoKe%2BtMKZHsLbEAd1qMNQ%2BTrqx2jyXYCy5usEFy%2BGAfoeUinBOy5JIEL6pxD2WgWblxIMJfmY09DuHyKh5WAfKP%2F3Vi0r8kHb8uqbtIWBvnZzSfYggKJxjBBfaFP5Poxpgi9y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe7f20b9-NRT

GET
H3 200 kakrazmnozhayutsyagolubiiskolkovisizhiva_ed1bdc4c-330x140.jpg
au-donetsk.ru/wp-content/uploads/ 11 KB
12 KB 533ms
531ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/kakrazmnozhayutsyagolubiiskolkovisizhiva_ed1bdc4c-330x140.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe6a1a72a602cf34a270cf1092de6bb60d1d74496256e82af6c04d0d46d91f19

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11192
last-modified: Thu, 05 Aug 2021 01:10:03 GMT
server: cloudflare
etag: "610b3a6b-2bb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b13szvuKAqY2N3eST39TDLCnxq7GmkRiTeugJKNfl1lKKPE4cuJ9hDyrjOIEu41pRADAB5SXPTKs8sqbT55QprSLTJFkrDZICxD4UIHPPJxez29Ysd%2BNy4Y8KBxTPRA6TiK1tyyob9giAZNy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8020b9-NRT

GET
H3 200 golyj-zemlekop-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 7 KB
8 KB 572ms
570ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/golyj-zemlekop-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a4f16e15873cec62fb9f9c15c161c078401214bef5a1ebf4d2be6b9b136335

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7601
last-modified: Wed, 04 Aug 2021 05:11:37 GMT
server: cloudflare
etag: "610a2189-1db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unBJkslOJR7ueLQ%2Ba7bQ0SBOZa3Dnip4hsRFMc1dSNnQEn4yQJKPSNtAKp%2FtilVQi4R4XaNlt0c5K4XKygbDJ%2BxChnJi5wWZeNjHrJWhbguclTuXp1TTze6elJlJkLlIAR4dLL1CIXf7L%2FnD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8220b9-NRT

GET
H3 200 kanadskij-bobr-v-vode-gryzun-mlekopitayushchee-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 9 KB
9 KB 530ms
528ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/kanadskij-bobr-v-vode-gryzun-mlekopitayushchee-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd22b29c29997449084a5a7446ed9bff496eb475a92705c2a407b06b33099bb3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9036
last-modified: Thu, 05 Aug 2021 01:00:16 GMT
server: cloudflare
etag: "610b3820-234c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiEpFdZN4dMaFU4YSsW%2BjKHUlk2yD6uxKRzOVMXk5%2BQcIpRQEaKF4rnZkDIIKNUQXpRzjHBBkVKEuLgx5CzPWjbCOUbV4EZVlcdC7U%2FqTdH625aZy%2FaC3sqcEuYvV8%2BY2qwKwWdHjbvniyOM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8320b9-NRT

GET
H3 200 lyagushka-tipichnyj-predstavitel-zemnovodnyh-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 7 KB
8 KB 574ms
572ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/lyagushka-tipichnyj-predstavitel-zemnovodnyh-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4545686304b1bdfed622875739552fac70836b6dc1d6549f3919188d9da0d116

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7207
last-modified: Wed, 04 Aug 2021 05:22:39 GMT
server: cloudflare
etag: "610a241f-1c27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCZEdPYI2WjBcF1PuXOVfRfEhBNFwym4ph6W67JNhFJYM446rQNRGfE9OM7J8vDY2BxV9pXD5nekUAYCxhsKxsnHwVr1MwCfllbyLwoZPvmFuUHf6UIWQJtYU%2BXBTHt1TtHllnUttnVhKo0w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8520b9-NRT

GET
H3 200 3-57-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 6 KB
7 KB 531ms
529ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/3-57-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14459a842511e3d53cc15ef8c6d77428afd226de7c69ad2315db0838505e38ad

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6350
last-modified: Sat, 30 Jan 2021 17:04:30 GMT
server: cloudflare
etag: "6015919e-18ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RggqCkpTtsmN23lNI8KyJwVBTHs6llED4CBH86AeskOWkMiZvxLJp%2BjAagO%2FJCLa2VrIj1yZiP75OI79IU15UZpIyhFCDulVQ1FKn12Pyc5Ju0k0CYHzSfwvskTkcz31ApkGNdUzAb0g7HJE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8820b9-NRT

GET
H3 200 333-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 5 KB
6 KB 551ms
549ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/333-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd7fb94a2fa8c7cfc64f9a1aa9e89d2ac3e8896f76f4f64ba3b51e208a9d8973

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5074
last-modified: Wed, 04 Aug 2021 05:22:20 GMT
server: cloudflare
etag: "610a240c-13d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z95lzIaSWsn0wbFwxU%2BkFYS5iTPyUIRTeSk%2BzXBYaszPSAy0%2BoG8QF62jZx8Fwj2V4UAwPFEXujj1If44xxFWi5MrWp2OKL%2B8m0gWhuUJLwSTOA7C8MCAncT8euSfL3XkwburMlAs7MYCEQf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8b20b9-NRT

GET
H3 200 obezyana-2-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 9 KB
10 KB 523ms
521ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/obezyana-2-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7a508d99d88148ef954decfc68ff3eba74fc143d42e60b24dae552a314b9ffa

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9442
last-modified: Wed, 04 Aug 2021 05:37:03 GMT
server: cloudflare
etag: "610a277f-24e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrz%2BBkIJwNjUwAUny5J4a4Ok2iQF7m1%2FGTUaZR97Z1T8p2vL20m7acllOJ%2Fomo%2FWM3EGShWHPO3CBy%2FjpH4Zzw%2FwrVbsuL8h%2FyiCRpMnyeDqbfvf5WVhlVODdSIfZvUQ7Gqdljqg7uSWVKbb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8d20b9-NRT

GET
H3 200 kozya-sherst-150x150.jpg
au-donetsk.ru/wp-content/uploads/ 8 KB
9 KB 537ms
535ms Image
image/jpeg 2606:4700:3030::6815:1c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-donetsk.ru/wp-content/uploads/kozya-sherst-150x150.jpg
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a1960e6e5d1c6b686340fb94e11f5e9139b81e5a45dfe615a15b53c2c82d9f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-rocket-nginx-serving-static: No
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8288
last-modified: Wed, 04 Aug 2021 05:32:01 GMT
server: cloudflare
etag: "610a2651-2060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5lf8nCcWMTJf74QPnOAtjsQEwZHgLKBZUQTQJFaX7GyDqNkkWU77zZkD2DjKejN2f7NVSaQ1a5UDw%2B22r1%2FtsmIsIW3UZrdHg5gBN8z34Sqp2lxQDOYCBElTxbgkA4xAx3p4os80QV%2F3Qto"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b4cf37bbe8e20b9-NRT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
264 B 310ms
309ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.663908911147697

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/scth_4584028778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 26 Nov 2021 16:24:22 GMT
x-timer: S1638032829.918878,VS0,VE301
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-hnd18739-HND
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Sat, 27 Nov 2021 17:07:09 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/71712652/
Redirect Chain

https://mc.yandex.ru/watch/71712652?wmode=7&page-url=https%3A%2F%2Fau-donetsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49x2vr%3Afp%3A4155%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.ru/watch/71712652/1?wmode=7&page-url=https%3A%2F%2Fau-donetsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49x2vr%3Afp%3A4155%3Afu%3A0%3Aen%3Autf-8%3Ala%...

331 B
413 B

267ms
266ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71712652/1?wmode=7&page-url=https%3A%2F%2Fau-donetsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49x2vr%3Afp%3A4155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1075590193764%3Ahid%3A503296322%3Az%3A0%3Ai%3A20211127170709%3Aet%3A1638032829%3Ac%3A1%3Arn%3A893148677%3Arqn%3A1%3Au%3A1638032829754276232%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638032823789%3Ads%3A0%2C11%2C2760%2C1%2C0%2C0%2C%2C1388%2C3%2C%2C%2C%2C4945%3Adsn%3A0%2C11%2C2760%2C1%2C%2C0%2C%2C1389%2C2%2C%2C%2C%2C4945%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638032829%3At%3A%D0%9F%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B9%D1%87%D0%B8%D0%BA%20-%20%D0%92%D1%81%D1%91%20%D0%BF%D1%80%D0%BE%20%D0%BF%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B5%D0%B2&t=gdpr%2814%29ti%282%29

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

00b3d3879dd184b2707cd6210fb19c33c08f090960ada684f54b1569e1abc395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Nov-2021 17:07:09 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://au-donetsk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sat, 27-Nov-2021 17:07:09 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:09 GMT
last-modified: Sat, 27-Nov-2021 17:07:09 GMT
location: /watch/71712652/1?wmode=7&page-url=https%3A%2F%2Fau-donetsk.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49x2vr%3Afp%3A4155%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1075590193764%3Ahid%3A503296322%3Az%3A0%3Ai%3A20211127170709%3Aet%3A1638032829%3Ac%3A1%3Arn%3A893148677%3Arqn%3A1%3Au%3A1638032829754276232%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638032823789%3Ads%3A0%2C11%2C2760%2C1%2C0%2C0%2C%2C1388%2C3%2C%2C%2C%2C4945%3Adsn%3A0%2C11%2C2760%2C1%2C%2C0%2C%2C1389%2C2%2C%2C%2C%2C4945%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638032829%3At%3A%D0%9F%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B9%D1%87%D0%B8%D0%BA%20-%20%D0%92%D1%81%D1%91%20%D0%BF%D1%80%D0%BE%20%D0%BF%D0%BE%D0%BF%D1%83%D0%B3%D0%B0%D0%B5%D0%B2&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://au-donetsk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 27-Nov-2021 17:07:09 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 267ms
267ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif?t=ti(4)

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
last-modified: Fri, 26 Nov 2021 15:51:55 GMT
etag: "61a0d86b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 27 Nov 2021 18:07:09 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
370 B 2ms
2ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://au-donetsk.ru/
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.663908911147697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-cache: HIT
content-length: 65
x-served-by: cache-hnd18739-HND
x-fh-no-setcookie-unroll: true
server: Google Frontend
x-timer: S1638032829.253673,VS0,VE1
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: c866c976c8a47c0937211a909589984d
cache-control: max-age=3600,public
function-execution-id: qrbc548pp8ki
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 1

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 198 B
399 B 25ms
18ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/scth_4584028778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a68a21ab231a757d22cb335367ea6a285b9394d3dbb2e8d111c550941287e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b4cf37eedc83402-NRT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 125ms
84ms Script
text/javascript 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/scth_4584028778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

sffe /

Resource Hash

35b40f317a07334a36906fb7156d53ef0fd8b9eb22e77315d6abbf70d4698714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1056 / 889 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26862
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 17:07:09 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 77ms
37ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?zx

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/scth_4584028778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37e10684ffc4e52a6ffb8bce49139ad0c04668a553a24e294573561779b428bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1056 / 508 of 1000 / last-modified: 1637708807"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26863
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 17:07:09 GMT

GET
H2 200 /
mc.yandex.ru/watch/71348983/SCTH/ 43 B
71 B 265ms
264ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/71348983/SCTH/?r=0.9807434838545099

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:09 GMT
last-modified: Sat, 27-Nov-2021 17:07:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Nov-2021 17:07:09 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SCTH%22:{%22au-donetsk.ru%22:{%22https://au-donetsk.ru/%22:%22%22}}}&r=0.896419224637294
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.896419224637294

0
0

265ms
265ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.896419224637294
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:09 GMT
last-modified: Sat, 27-Nov-2021 17:07:09 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.896419224637294
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sat, 27-Nov-2021 17:07:09 GMT

GET
H2 200 /
mc.yandex.ru/watch/71348983/SCTH/ 43 B
71 B 265ms
265ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/71348983/SCTH/?r=0.36251079801439245

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:09 GMT
last-modified: Sat, 27-Nov-2021 17:07:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Nov-2021 17:07:09 GMT

GET
H2

200

1
mc.yandex.ru/watch/53428543/
Redirect Chain

https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SCTH%22:{%22au-donetsk.ru%22:{%22https://au-donetsk.ru/%22:%22%22}}}&r=0.6696736778354961
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.6696736778354961

0
0

267ms
267ms

Image
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.6696736778354961
Requested by: Host: au-donetsk.ru
URL: https://au-donetsk.ru/
Protocol: H2
Server: 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:09 GMT
last-modified: Sat, 27-Nov-2021 17:07:09 GMT
strict-transport-security: max-age=31536000
location: /watch/53428543/1?wmode=7&site-info=%7B%22SCTH%22%3A%7B%22au-donetsk.ru%22%3A%7B%22https%3A%2F%2Fau-donetsk.ru%2F%22%3A%22%22%7D%7D%7D&r=0.6696736778354961
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sat, 27-Nov-2021 17:07:09 GMT

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 45ms
45ms Script
text/javascript 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 17:07:09 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 32 B
684 B 76ms
37ms XHR
application/json 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=au-donetsk.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?zx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

80d3be9669cce1379e8d6418b756e599b9ea55c0afee06edf7a8e10306fb5147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48
x-xss-protection: 0
expires: Sat, 27 Nov 2021 17:07:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 75ms
36ms Script
application/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=au-donetsk.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 75ms
37ms Script
application/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au-donetsk.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 126 KB
34 KB 343ms
306ms XHR
text/plain 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1747441921154693&correlator=2331023602823257&output=ldjh&impl=fif&eid=31063798&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=41117126%2CZXNT%2Czxnt_scth&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dau-donetsk.ru%26site_topdomen%3Dau-donetsk.ru%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%259F%25D0%25BE%25D0%25BF%25D1%2583%25D0%25B3%25D0%25B0%25D0%25B9%25D1%2587%25D0%25B8%25D0%25BA%2520%25D0%2592%25D1%2581%2520%25D0%25BF%25D1%2580%25D0%25BE%2520%25D0%25BF%25D0%25BE%25D0%25BF%25D1%2583%25D0%25B3%25D0%25B0%25D0%25B5%25D0%25B2%2520%25D0%2592%25D1%2581%2520%25D0%25BF%25D1%2580%25D0%25BE%2520%25D0%25BF%25D0%25BE%25D0%25BF%25D1%2583%25D0%25B3%25D0%25B0%25D0%25B5%25D0%25B2&cookie_enabled=1&bc=31&abxe=1&lmt=1638032829&dt=1638032829569&dlt=1638032826563&idt=2978&frm=20&biw=1600&bih=1200&oid=2&adks=525015316&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fau-donetsk.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1875167652.1638032830&ga_sid=1638032830&ga_hid=228722704&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

a3cdb1b8f160c7995f41d649697b9cc5e900045efa2b3ade7b07d84445c277ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34668
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://au-donetsk.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 517ms
481ms XHR
text/plain 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1747441921154693&correlator=2331023602823257&output=ldjh&impl=fif&eid=31063798&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=41117126%2CZXNT%2Czxnt_scth_overlay&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1600x90&cust_params=site_domen%3Dau-donetsk.ru%26site_topdomen%3Dau-donetsk.ru%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%259F%25D0%25BE%25D0%25BF%25D1%2583%25D0%25B3%25D0%25B0%25D0%25B9%25D1%2587%25D0%25B8%25D0%25BA%2520%25D0%2592%25D1%2581%2520%25D0%25BF%25D1%2580%25D0%25BE%2520%25D0%25BF%25D0%25BE%25D0%25BF%25D1%2583%25D0%25B3%25D0%25B0%25D0%25B5%25D0%25B2%2520%25D0%2592%25D1%2581%2520%25D0%25BF%25D1%2580%25D0%25BE%2520%25D0%25BF%25D0%25BE%25D0%25BF%25D1%2583%25D0%25B3%25D0%25B0%25D0%25B5%25D0%25B2%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fau-donetsk.ru%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1638032829&dt=1638032829573&dlt=1638032826563&idt=2978&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1345&adks=1153084574&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fau-donetsk.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&ga_vid=1875167652.1638032830&ga_sid=1638032830&ga_hid=228722704&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

1c888f0b74e015264833e65ed169b8e44d49c70e385f725408de39e979f3bf50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8864
x-xss-protection: 0
google-lineitem-id: 5594326937
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308614061
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://au-donetsk.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1333 6 KB
4 KB 112ms
37ms Document
text/html 2404:6800:4004:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:819::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 17:07:09 GMT
expires: Sun, 27 Nov 2022 17:07:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 75ms
41ms Script
text/javascript 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111601.js?cb=31063798

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

sffe /

Resource Hash

5130eb2b26589edc79df541561e0c40469fdb05a7a75566a61e580e1d473254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13503
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 17:07:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 83ms
45ms XHR
application/json 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

494b9c490268810df34a6abade7bdf40f4b3b078658e3599779601d15be57977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9367
x-xss-protection: 0

GET
H3 200 container.html Show response
42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B6B 6 KB
3 KB 38ms
2ms Document
text/html 2404:6800:4004:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:819::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 17:07:09 GMT
expires: Sun, 27 Nov 2022 17:07:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 99ms
62ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3B6B 4 KB
634 B 75ms
39ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 15:43:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 17:07:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7B30 1 KB
642 B 64ms
38ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%91%E3%81%8C%E3%82%8B%E6%9C%9F%E3%82%82%E3%81%A7%E3%83%86%E3%82%BD%E3%80%823%E3%81%AE%E3%83%AA%E7%94%A3%E3%83%BC%E3%82%A9M%E3%83%B3%E6%A5%AD%E3%81%BE%E2%84%A2%E7%B6%9A%E9%95%B7R%E4%BD%BF%E3%82%B9%E3%82%8A%E5%8F%96%E6%89%B1%E3%81%AF%E3%81%84%E3%82%B7%E3%83%97%E3%81%82%E6%8C%81%E7%9F%AD%E3%81%AB%E3%81%99%E3%83%95%E3%83%9E%E3%83%A7%E3%80%81%E3%83%A5S%E9%96%93%E7%94%A8

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8c0b0d3eccc16431c8d4351c80ae1deedb846d4ad6df74d5593492000652d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 17:07:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 17:07:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7B30 1 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:05:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 7B30 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:05:30 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7B30 2 KB
1 KB 3ms
1ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:00:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B30 119 KB
36 KB 83ms
47ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7B30 15 KB
6 KB 41ms
3ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:00:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7B30 0
0 78ms
35ms Image
text/html 2404:6800:4004:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTE4DUEeC76sQ8cZunqFilBgjcmnwANlg7pfV1I2jCmUnw_7BKY-BVThJtsVgXjL5_vObiqI4kVT7QtgJbrlo19hfwFCg
Requested by: Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81f::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 7B30 27 KB
12 KB 45ms
2ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 06:22:29 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 3B6B 18 KB
8 KB 40ms
4ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8141
x-xss-protection: 0
server: cafe
etag: 15959965552278146708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:02:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3B6B 205 B
520 B 42ms
3ms Image
image/png 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:31:06 GMT
x-content-type-options: nosniff
age: 124564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Nov 2022 06:31:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3B6B 604 B
696 B 42ms
3ms Image
image/png 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
URL: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:17:37 GMT
x-content-type-options: nosniff
age: 380973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 23 Nov 2022 07:17:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1029 12 KB
5 KB 31ms
4ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 08:15:51 GMT
expires: Tue, 22 Nov 2022 08:15:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 463879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14CD 783 B
1001 B 71ms
40ms Document
text/html 2404:6800:4004:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63a4c7a0ac8956f26e742497a8fac6917ccdd2def8ea7230f6b61df5b5a9f4a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u0BEDF3JKe2MxmMcw18wmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 17:07:10 GMT
date: Sat, 27 Nov 2021 17:07:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-u0BEDF3JKe2MxmMcw18wmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E53 0
0 41ms
40ms Fetch
image/gif 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTGoK1Hu7p18iwtdwQ4BEKzLKJCB8NxJPeNdHSB_gD-XAQp10gvTZK2ai6zyow0J0_I3TezDWIo8WWBI-Qjz9ETQZs2dI9e6uiAsEAwcwEkHL4bfePkGKmsHNRr0F4pdCiZZNXqTIrzQCGg08Dgeq5-KnQ36d7LDsLykvvodXrpvvt_f2HODg6HoBQ7-C4yMDttQcdZMBs1qZjcNpGJlene2EajopH6O2NbUcY1e3zSvcgG_trEXIv0GxpA3V9TF-2hkAfGQ578i_SO-xlx6DBmyxgW9KyMXAkKjSvPcCoXUGuoBMDFzl1xT7namrNPvQ&sai=AMfl-YRrTSN4gFpWqvNDqesZRHaKZn6nj5SpwtADhye0lOU80FuRPdDbjyJxTWZGuLGZfuZUqjXUJNgTCg6qqltYfOgup91AdhLWrYLToT-8Z9LvqTcewVqFX_t4hgfqo38&sig=Cg0ArKJSzCtsHRyfBFVEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: au-donetsk.ru
URL: https://au-donetsk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8E53 111 KB
39 KB 92ms
56ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bad12198ed3a695510ebb46cd041b047cf0ae185747b0f4888ec831b8e2ecb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40088
x-xss-protection: 0
server: cafe
etag: 12155876779579644992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E53 119 KB
36 KB 57ms
56ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1029 35 KB
13 KB 32ms
3ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 03:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:44:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14CD 0
0 52ms
52ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1747441921154693&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ Frame 8E53 270 KB
97 KB 101ms
101ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1baea5c0f0845c33446dd24e2ba7db5fc8aed61774570079e73016a2ab126652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99573
x-xss-protection: 0
server: cafe
etag: 12861967687518862756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 17:07:10 GMT

GET
DATA 200
OK truncated
/ Frame 8E53 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd61a2f34058abffae745ca12ee2972c26722526850a433d9348799e0318b191

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1747441921154693&bg=!5Oel56PNAAZQLpa_UC47ACkAdvg8WkAf4ZRHBRiAmSp_QbA1LGAddttimf7DtyLFjrIu61bCT1bKnQIAAABlUgAAAApoAQeZAm4vGi20T-Tf1Gi5Nq2UItr_MYseqbbfeCdFiBMVCG0zyTbtVA6sALms6SaB8OQ-wxJNxUe6ej-j0hQlTBOP4QLUCHclM-L5aeFYiO6dhkGpaZ6-QFzQ7EpxPzOv4O6wyYHf03P1cksG9JWBsv6-NwcEY9p1FW-vpwZpP2BXXOWh6CkYzDgYVoVwi7bmDQdhwsrFryy338wT-xHjlE7Du_o41Tclu2qMsmGPxL8uGh4z1dGik-z8r4878C8W5G_XuUGeV1Pm2sl_Pj0zQG8LOctMloHhTvKwKtOcood_DO7O4Li9d6h1g55MZ-0GaZZjybEVLNEiBGkv97sOQOSV1DY3U7HYyGjsKg_xCnVUJr616AbHXdQHTQV9dy9g1c4xyIZ9eKffQMeHQytuWRRaofh-ZzEJw2FvtwFL_m6Trtgox6FgLVK6ERuX3vtIYcBJejktIUsSWPmHe91tC0NSrXbSL99QSoC3ftxBM5XyMDfJy32OJ9hUeOvQYIJF7OtnyIhr7eE32wQN3QqiS-5cq728M7H-R3TmG2ZGSf4qLNST2th1VVxFGjftBCcyFBHSwUSl-1gwdPXxu4jsCylF-9EdxFrgnTVGgru_uxEgrva8Z0tdZO5Hzks6LLXE6iiui_3e7el26g_vt8F-KBTLKjuvGJuadVmya01EZJZW4CpQnHQTnaU1pExAWdMYlN7p7YA-S_PjfxjQE5Bk789oZzjGgvRHiFozdVns5w6isoZDZkuLf5NQsVWXsRwuPIT9AJFljfa372Na6v9zQ1Y_8erLAUQlzpI8Z4JgM6U1DycG-Ip5E4TCcykYZZYIMP1M

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8E53 12 B
247 B 38ms
37ms Script
text/javascript 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=au-donetsk.ru&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D67a70939ab9b66b2-22c27a8946cf0061%3AT%3D1638032829%3AS%3DALNI_MZyuRZc6M-JsGuWs2oxzUCqYIK9kA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 8E53 107 B
122 B 76ms
39ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=au-donetsk.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8E53 107 B
122 B 73ms
37ms Script
application/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=au-donetsk.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50A4 73 KB
27 KB 249ms
211ms Document
text/html 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=zxscth_overlay&adk=2330404427&adf=816031633&pi=t.ma~as.zxscth_overlay&w=1200&fwrn=3&fwrnh=100&format=1200x90&url=https%3A%2F%2Fau-donetsk.ru%2F&ea=0&flash=0&fwr=0&rh=90&rw=1200&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638032830215&bpp=11&bdt=117&idt=227&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&cookie=ID%3D67a70939ab9b66b2-22c27a8946cf0061%3AT%3D1638032829%3AS%3DALNI_MZyuRZc6M-JsGuWs2oxzUCqYIK9kA&correlator=2542536986096&frm=23&ife=4&pv=2&ga_vid=1862247512.1638032830&ga_sid=1638032830&ga_hid=1771976287&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=0&ady=1183&biw=1600&bih=1200&isw=1600&ish=90&ifk=1415515115&scr_x=0&scr_y=0&eid=31063183&oid=2&pvsid=984481737101638&pem=852&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgso1dnvnk7o&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3719135457aee07555a799fd4970187f65e71fe18951f19dd0ef41687bf5099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Nov 2021 17:07:11 GMT
server: cafe
content-length: 27529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 50A4 522 B
351 B 38ms
38ms Stylesheet
text/css 2404:6800:4004:826::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E7%8C%AB%E3%83%95%E9%96%8B%E3%81%8F%E3%83%8D%E8%B6%B3%E9%96%80%E3%82%B3%E3%82%AB%E5%B0%82%E7%9F%AD%E3%82%A7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=zxscth_overlay&adk=2330404427&adf=816031633&pi=t.ma~as.zxscth_overlay&w=1200&fwrn=3&fwrnh=100&format=1200x90&url=https%3A%2F%2Fau-donetsk.ru%2F&ea=0&flash=0&fwr=0&rh=90&rw=1200&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638032830215&bpp=11&bdt=117&idt=227&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&cookie=ID%3D67a70939ab9b66b2-22c27a8946cf0061%3AT%3D1638032829%3AS%3DALNI_MZyuRZc6M-JsGuWs2oxzUCqYIK9kA&correlator=2542536986096&frm=23&ife=4&pv=2&ga_vid=1862247512.1638032830&ga_sid=1638032830&ga_hid=1771976287&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=0&ady=1183&biw=1600&bih=1200&isw=1600&ish=90&ifk=1415515115&scr_x=0&scr_y=0&eid=31063183&oid=2&pvsid=984481737101638&pem=852&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgso1dnvnk7o&fsb=1&dtd=243

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d07a3e53ddc4194b929b68cd5e72adb2e383cd29eef59fd69f2586ad9a4bf33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 17:07:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 17:07:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 17:07:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 50A4 1 KB
880 B 1ms
1ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:05:40 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 50A4 19 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 16:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 16:49:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 50A4 2 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 16:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 16:49:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50A4 119 KB
36 KB 82ms
82ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 17:07:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 50A4 15 KB
6 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 17:00:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 50A4 0
0 71ms
34ms Image
text/html 2404:6800:4004:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJQ3IKdP2C6hDXApvipU1De-T6HbEPQj_EHK90kzdce06fPRyKeZ_E25ToAbODVPtlhJyUDp88xWkAG2eZs-EEfr4Ihg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=90&twa=1&slotname=zxscth_overlay&adk=2330404427&adf=816031633&pi=t.ma~as.zxscth_overlay&w=1200&fwrn=3&fwrnh=100&format=1200x90&url=https%3A%2F%2Fau-donetsk.ru%2F&ea=0&flash=0&fwr=0&rh=90&rw=1200&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638032830215&bpp=11&bdt=117&idt=227&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&cookie=ID%3D67a70939ab9b66b2-22c27a8946cf0061%3AT%3D1638032829%3AS%3DALNI_MZyuRZc6M-JsGuWs2oxzUCqYIK9kA&correlator=2542536986096&frm=23&ife=4&pv=2&ga_vid=1862247512.1638032830&ga_sid=1638032830&ga_hid=1771976287&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=0&ady=1183&biw=1600&bih=1200&isw=1600&ish=90&ifk=1415515115&scr_x=0&scr_y=0&eid=31063183&oid=2&pvsid=984481737101638&pem=852&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgso1dnvnk7o&fsb=1&dtd=243
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81f::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 50A4 27 KB
11 KB 38ms
2ms Script
text/javascript 2404:6800:4004:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 06:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 24 Feb 2022 06:22:29 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/6221858263958850432/ Frame 50A4 33 KB
33 KB 87ms
87ms Image
image/jpeg 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6221858263958850432/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aebd28bec5310c9200cfeeb364708d963e9a3e7cc38fb1410d42e2c64871762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33947
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 12:30:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Nov 2022 17:07:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E62F 1 KB
749 B 2ms
2ms Document
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 26 Nov 2021 21:40:41 GMT
expires: Sat, 27 Nov 2021 21:40:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 69990
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E62F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZE_qGMaceLfprDUlXYtxE&google_push=AYg5qPJsXDEtf4wvpv_m9D9EwqzCfyMSpYw-wPXzyPKd_gXb84g2aRKSEv...

170 B
188 B

38ms
38ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZE_qGMaceLfprDUlXYtxE&google_push=AYg5qPJsXDEtf4wvpv_m9D9EwqzCfyMSpYw-wPXzyPKd_gXb84g2aRKSEv9KiqjwGDqVQoblRQ_tHvb8VJpcXVJqtrC2muAYdQ

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1638032831.313611,VS0,VE174
x-served-by: cache-hnd18737-HND
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBZE_qGMaceLfprDUlXYtxE&google_push=AYg5qPJsXDEtf4wvpv_m9D9EwqzCfyMSpYw-wPXzyPKd_gXb84g2aRKSEv9KiqjwGDqVQoblRQ_tHvb8VJpcXVJqtrC2muAYdQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame E62F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPLlUmL9ETK6T-COPNWxZc_jdcxzkvRMqINRj2MLaSPrSM5b2qRDXf2Qhv2mjEYMhn5Dg1YIl_k2BRyAzaQjb7Dx...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPLlUmL9ETK6T-COPNWxZc_jdcxzkvRMqINRj2MLaSPrSM5b2qRDXf2Qhv2mjEYMhn5Dg1YIl_k2BRyAza...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=11d1d22b-fc52-4844-bb00-2e54b60a632a&ssp=google&gdpr=&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525264174786499515&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525264174786499515&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f524fd08-d0bc-4e82-bbf6-0d11658cd35c&ssp=google&gdpr_consent=&gdpr=
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164570203983002124904&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

43 B
235 B

4ms
4ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 17:07:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E62F
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEJA9kS7Si39mh5Icna5v5Co&google_cver=1&google_push=AYg5qPJgio4Ziyd-eNJtSewvK828Oc1gfZISQl3soLtbERn_dIBKeSYpSX7rdRlFisXsTENOuflfeYx5waVGfP7z9L5N7rHwhYQ
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AYg5qPJgio4Ziyd-eNJtSewvK828Oc1gfZISQl3soLtbERn_dIBKeSYpSX7rdRlFisXsTENOuflfeYx5waVGfP7z9L5N7rHwhYQ&google_hm=NHZtSDdCMDBJQkRHYTAwN1FZdm0

170 B
232 B

63ms
40ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AYg5qPJgio4Ziyd-eNJtSewvK828Oc1gfZISQl3soLtbERn_dIBKeSYpSX7rdRlFisXsTENOuflfeYx5waVGfP7z9L5N7rHwhYQ&google_hm=NHZtSDdCMDBJQkRHYTAwN1FZdm0

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Sat, 27 Nov 2021 17:07:11 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AYg5qPJgio4Ziyd-eNJtSewvK828Oc1gfZISQl3soLtbERn_dIBKeSYpSX7rdRlFisXsTENOuflfeYx5waVGfP7z9L5N7rHwhYQ&google_hm=NHZtSDdCMDBJQkRHYTAwN1FZdm0
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame E62F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPK2ARe5YQbXwyfZzcfIejpn4zfmQ4ZG02RFe7iO-DIFxMHmP9rlpY4BjrYThdbTulkLb3nrbnnzmsqY7RZNR...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEDIcM2r41NaucIG0zalDPug&google_cver=1&google_push=AYg5qPK2ARe5YQbXwyfZzcfIejpn4zfmQ4ZG02RFe7iO-DIFxMHmP9rlpY4BjrYThdbTulkLb3nrbnnzmsq...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=11d1d22b-fc52-4844-bb00-2e54b60a632a&ssp=google_jp&gdpr=&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522801270800673629&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801270800673629&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f524fd08-d0bc-4e82-bbf6-0d11658cd35c&ssp=google_jp&gdpr_consent=&gdpr=
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164570303983002128195&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

43 B
235 B

4ms
4ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 17:07:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://x.bidswitch.net/sync?dsp_id=419&user_id=10522801270800673629&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E62F
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEOUCvX_et5EBTAf6azsDB_8&google_cver=1&google_push=AYg5qPJZcQxHdJbXNHCvPzCvF8fLh5_RZXU_lNZknnS8defBFZpzrnvHsbYW3KcjPYC4X...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJZcQxHdJbXNHCvPzCvF8fLh5_RZXU_lNZknnS8defBFZpzrnvHsbYW3KcjPYC4XTRq_jvs0THs0XxgWxHO9QQRmbxpKQ&google_hm=QXRZQXhYQ0p2SVR6dFpGUFdTM3...

170 B
188 B

38ms
38ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJZcQxHdJbXNHCvPzCvF8fLh5_RZXU_lNZknnS8defBFZpzrnvHsbYW3KcjPYC4XTRq_jvs0THs0XxgWxHO9QQRmbxpKQ&google_hm=QXRZQXhYQ0p2SVR6dFpGUFdTM3g5cFE=

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJZcQxHdJbXNHCvPzCvF8fLh5_RZXU_lNZknnS8defBFZpzrnvHsbYW3KcjPYC4XTRq_jvs0THs0XxgWxHO9QQRmbxpKQ&google_hm=QXRZQXhYQ0p2SVR6dFpGUFdTM3g5cFE=
Date: Sat, 27 Nov 2021 17:07:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E62F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-CzpTHNKT9qNnYSjyOfo8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
243 B

67ms
39ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-CzpTHNKT9qNnYSjyOfo8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJFht4jd-Cn_hYPYdw2fpAkEm8jzKNdhCty_ishRZjpmCTKcIcLzbpBNOYAUrhB-9xaQMukggnAgCAJHIUIp2kXCc_i0F0

Requested by

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-CzpTHNKT9qNnYSjyOfo8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJFht4jd-Cn_hYPYdw2fpAkEm8jzKNdhCty_ishRZjpmCTKcIcLzbpBNOYAUrhB-9xaQMukggnAgCAJHIUIp2kXCc_i0F0
date: Sat, 27 Nov 2021 17:07:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame E62F
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEHKcsTuP7q6DqNdxsCwLJ2c&google_cver=1&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E62F 0
223 B 76ms
37ms Image
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdUZt6USvVzTD12ZPUwpTV1aY1RGZ6FstV8VbZW1LzocBOOeCK1o6_cRX3smiAIMOpuTs-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 50A4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04928e78f2516f1602e1e1f1b2eae634b23d7d5b36b07fe68be8a5c1d6161367

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame 50A4 4 KB
4 KB 79ms
43ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQei0q12VBZGua91vHLBlZNTaMW0Magj3zoBfPx9C7u_PjFc2TLlfs5int&skey=b1468649b9c42538&v=v36

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E7%8C%AB%E3%83%95%E9%96%8B%E3%81%8F%E3%83%8D%E8%B6%B3%E9%96%80%E3%82%B3%E3%82%AB%E5%B0%82%E7%9F%AD%E3%82%A7

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2923b9a9faf30c75e1d23ab34608945991d27d0cc159c464384b902e3ff9033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4140
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 20:57:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:07:11 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 50A4 4 KB
4 KB 76ms
40ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxouMdbqZGiy91vLLBlBNTeyW0MChA7koivmx8O9tNr9FO2gLlfn&skey=72472b0eb8793570&v=v36

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3a6a8e012cdedf0d82146881f25b9c44592384bda18d6346e2954bbddafdc19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4136
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 20:57:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Nov 2021 17:07:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E53 0
0 76ms
40ms Fetch
image/gif 172.217.175.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8Wngl26AotdCbVLug6YLobYBygsrtjOyHUTPBhD8f3lGvVc--NesvlPX5bYfFukqNQsE9Id6kvvs4QMgdWFVOVuMFYQkGAcm0qBz1seDRwOzVK6CVkovACU4NJphxO4ZEvDjs9ZFTmEQ0OsEMz3R_BuF_S9EwzVv7AcGTNAIb65KfAzXLRncdFkh_OG4jzbGZKJ376fsGExUf-RdNmXyIyihTsIJk7bN52DdREqZ7Kp5cMXRm4nYRHeLzryszcysYUPCZOSeh5DcinyJYuI7bzvBDucYMeYZ2JRf5b964R609sZW_zdfOkbF5HkoieP79yw&sai=AMfl-YRkG5LTsXezlypIm4LxfBW9mezD-dgBKbzpyq7TlF28OPWA1tpL6eaSVtMJ_y07nw3kE75EsIwO6utnc2V_MHCptk-s6IqOiXhcE1XlYMEbYDSaF01efHw36M20apI&sig=Cg0ArKJSzJD4S9QLUQb4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 27 Nov 2021 17:07:11 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8E53 12 KB
9 KB 91ms
54ms XHR
application/json 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f81c8fd7d20ee30e470bc28611136901173acc3922c76473709cb8e858e9ace4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 17:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9479
x-xss-protection: 0

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame BDB2 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 03:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:44:58 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E53 17 KB
6 KB 154ms
154ms Script
text/javascript 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 17:07:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AF94 12 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 08:15:51 GMT
expires: Tue, 22 Nov 2022 08:15:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 463880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B795 783 B
533 B 208ms
208ms Document
text/html 2404:6800:4004:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

811b1820035beba9a4b21a8339b19da4a0029e2b0521d6810331e624cb24a85f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nbW+zdNk13pcQurGaGgtGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 17:07:11 GMT
date: Sat, 27 Nov 2021 17:07:11 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nbW+zdNk13pcQurGaGgtGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame AF94 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 03:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:44:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E53 0
20 B 38ms
38ms Image
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=984481737101638&bg=!KSqlKm7NAAZQLpa_UC47ACkAdvg8WuMq4BtD-Bt1x7XJoBDUeJ6p2G_qvdEV6s-q8h-ea5yZIu-0awIAAAA7UgAAAAdoAQcKAI4G1FYMUXjgU1vLB-QvTnhP6AFk3OU_rvBvQ_yIa-3ElHNp5OKrkR03gr5VOVtSED0YaYnzqq_pm8TNmQE5GIVdRyF_xZ3AmKZNodmDffAgdMDygdMG7n3HknuacRvSqjvuRCOIgLZalNim3QMkOSmi1FlC3beBCk2yVScgyTtBWD0P3hg4FdWAO9kaEVXdmQKTRc9P--3lbsxumksjywcQw5LJeMebZUJCApmXKgkLRROYC2SNDlDBt4vPUf6zusREXZs9A0vOk7ZDo7payrJe_j_EEACiOSmKTdI_JVxafxq5L24SbYGBnLCDunMNFmKP4DSLBWwEgT1ABr5hkAplDhiP1ir0CzRojjWVmX_yMRYeHgk6LKxqgyLtotSQEgdQ0ag9qAtqIowsAAbTgJV2_R_GeKDa2MU5VifIOttkMTKvjGmWqQp2zz29yaMfaH2e5PYgPxYuy3SGZFbE4DJDlk94HnjOwM0FuHDlBMlME1BaH4w9df3W8FNtDtxPrsy2kl4OSWLZOL-5-K0XvhDtIiXdOB88xZLUcNhPFgEQXR3sq_Hs2AtUZeZjwWSMR_8sxyrgU14oCrY34VZZ0OuZ2Kqyiw_-KBN2Ba0BuLGJp_RAUoxGLKHFKqRnRrOeHJlnEEL07OU1YfFh4qrufMUXRv3PgxTzsh6MinHR1I34w49hPFS9ERTw_NdpoX82itCGBKPzM_KzfIt7AQxFIJcLqkULonQ9m4YB1tckGW_FbtgkIMe72WVzMRcnBtigBjgcsznehcdFjexxM6oMNJ7o9vxS0M6LkaFaew_SX7CS_bbWg3-4l7jHhGH6qb4GdHsxA8AzkBTmW6ejpj0mnKcxukJiKdCMDe3sFIAKSsmtpah6Gv3EszCEydcQoUzxdzPR856nGHiNlG7zjfNAOMdP9gPQh2niWGksbiQ3C_ZB9ChaTlflLxDiHIL-2WWYpd2nMlRM3g2IcAXQZMRseJgHeaon_7vqvqsafZoPrb9NM4HewE8stXZ9qKWHbIpq0VdtzDeECc-6Hd5F1RvYIhg4ovVIa6AYloDtkUMRDY2cBDjTkDE

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B795 0
0 51ms
51ms Image
text/html 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=984481737101638&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E53 42 B
64 B 36ms
36ms Fetch
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuA41ZY8Tlg4QPfpvxy2gDxXSFFG4PAE680QXJLoMCVdlf3HC0oQawkTH4IHS4p1820E4sHIkpzzotv8GR31UwSebHciTNGSEAYHFQOX9aSROF5TnRW&sig=Cg0ArKJSzFMGLjcGtuhXEAE&id=lidar2&mcvt=1000&p=1085,0,1175,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1153084574&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638032830098&rpt=1292&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://au-donetsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50A4 42 B
64 B 46ms
46ms Fetch
image/gif 2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoiH5agP7GJ3oFRT9FJybsd4plIv-7fkxNZSL4FL2XP0_3E8wSFxFdk9sryLjREDlz3pccE85hdQyJGgz5pBGZfWihyjYluFiPiaFBdFOG6XeJWIbxwbAPdwxAImxR0a6zVS6jCsutKQ&sai=AMfl-YRn4ojzyQKJQqa2N8rAvQicMptRAWEU4-xmvH-w4dDarzdd9gRiC5L0LIjYhBhpbKdp_ntW_sKVmcln4S0-Sd45AW8ycEDLu7Xpj2GBx9hHyeg341jFpIdxiy0&sig=Cg0ArKJSzNU2-gbDw0bVEAE&cid=CAASFeRoELAhzxOH9D5NIXWSzBo72ckmeg&id=lidar2&mcvt=1001&p=0,0,90,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2330404427&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638032830460&rpt=927&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 17:07:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.au-donetsk.ru/	1969-12-31 23:59:59	Name: surfer_uuid Value: 7fb1e8ad-32bf-4ec7-bf1a-15eae5dc7397
.au-donetsk.ru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fau-donetsk.ru%2F%22%2C%22depth%22%3A1%7D
.au-donetsk.ru/	1969-12-31 23:59:59	Name: page_load_uuid Value: facd8188-d3fd-47ab-a1ee-5a8b6146f93a
au-donetsk.ru/	1970-01-19 23:43:44	Name: advanced_ads_browser_width Value: 1600
au-donetsk.ru/	1970-01-23 14:36:32	Name: advanced_ads_page_impressions Value: 1
.au-donetsk.ru/	1970-01-20 07:46:08	Name: _ym_uid Value: 1638032829754276232
.au-donetsk.ru/	1970-01-20 07:46:08	Name: _ym_d Value: 1638032829
au-donetsk.ru/	1970-01-19 23:43:44	Name: zxntcmp Value: 1
.yandex.ru/	1970-01-20 07:46:08	Name: ymex Value: 1953392829.yrts.1638032829#1953392829.yrtsi.1638032829
.yandex.ru/	1970-01-23 14:36:32	Name: yandexuid Value: 7393881411638032829
.yandex.ru/	1970-01-23 14:36:32	Name: yuidss Value: 7393881411638032829
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1219016241638032829
.yandex.ru/	1970-01-23 14:36:32	Name: i Value: LC8+yw6xKGhM8c6zfiv9RJGifyfdQ4CuP4sJGHgsvq+YRt3JRj0KLAnXv4XyFa2wcVI4cmNU9C8N7vGOW+tZNM/1rPs=
.au-donetsk.ru/	1970-01-19 23:01:44	Name: _ym_isad Value: 2
.au-donetsk.ru/	1970-01-20 08:22:08	Name: __gads Value: ID=67a70939ab9b66b2-22c27a8946cf0061:T=1638032829:S=ALNI_MZyuRZc6M-JsGuWs2oxzUCqYIK9kA
.doubleclick.net/	1970-01-20 16:31:44	Name: IDE Value: AHWqTUnO6DojgpgjPdnPX2np4kRvdi3d7ZyPlYzvE1c7tZy18uphz8ZO3M_rxUsG9lM
.pubmatic.com/	1970-01-19 23:01:59	Name: KTPCACOOKIE Value: YES
.adingo.jp/	1970-01-19 23:43:44	Name: ID Value: 3e44b1e40ea989066237ccc612380d10
.pubmatic.com/	1970-01-20 01:10:08	Name: KADUSERCOOKIE Value: F82CE94C-734A-4FDA-8D9D-84A3C8E7E8F2
.r-ad.ne.jp/	1970-01-20 03:19:44	Name: r_ad_token Value: 4vmH7B00IBDGa007QYvm
.everesttech.net/	1970-01-20 07:46:08	Name: everest_g_v2 Value: g_surferid~YaJlvwAHu3rkYQBR
.bidswitch.net/	1970-01-20 07:46:08	Name: c Value: 1638032831
.bidswitch.net/	1970-01-20 07:46:08	Name: tuuid_lu Value: 1638032831
.bidswitch.net/	1970-01-20 07:46:08	Name: tuuid Value: 11d1d22b-fc52-4844-bb00-2e54b60a632a
.bidswitch.net/	1970-01-19 23:00:33	Name: google_push Value: AYg5qPK2ARe5YQbXwyfZzcfIejpn4zfmQ4ZG02RFe7iO-DIFxMHmP9rlpY4BjrYThdbTulkLb3nrbnnzmsqY7RZNRhINeUkBkhU
.mookie1.com/	1970-01-20 08:29:20	Name: id Value: 10522801270800673629
.mookie1.com/	1970-01-20 08:29:20	Name: mdata Value: 1\|10522801270800673629\|1638032831691
.mookie1.com/	1970-01-20 08:29:20	Name: ov Value: e6d85f38dfe70955c3e9961b5855970a
.tapad.com/	1970-01-20 00:26:56	Name: TapAd_TS Value: 1638032831737
.tapad.com/	1970-01-20 00:26:56	Name: TapAd_DID Value: f524fd08-d0bc-4e82-bbf6-0d11658cd35c
.tapad.com/	1970-01-20 00:26:56	Name: TapAd_3WAY_SYNCS Value:
.mookie1.com/	1970-01-19 23:14:56	Name: syncdata_TAP Value: 1
.agkn.com/	1970-01-20 07:46:08	Name: ab Value: 0001%3AinAkBt62vnWiZPikPGh2ILXeBS2rap%2Fu
.mookie1.com/	1970-01-19 23:14:56	Name: syncdata_NEU Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPJvfomy1YORhkfOZ4NZPSnmv-fGlyYhiVyghtZzP0DyA9gOKK8Uc0ibMMwfsAePLrfda0xDTrzt2-WQLW6rI7XsrItnLcA&google_hm=3e44b1e40ea989066237ccc612380d10 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42fae7bde166d7b67c6925148fc350d9.safeframe.googlesyndication.com
aa.agkn.com
adservice.google.co.jp
adservice.google.com
au-donetsk.ru
cdn.zx-adnet.com
cm.g.doubleclick.net
cs.r-ad.ne.jp
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
image6.pubmatic.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.tapad.com
securepubads.g.doubleclick.net
ssp.adriver.ru
sync-tm.everesttech.net
tneduf.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cm.g.doubleclick.net
103.231.99.78
107.178.244.193
151.101.1.195
151.101.194.49
172.217.175.2
172.217.175.66
18.177.11.95
23.108.96.47
2404:6800:4004:80b::2002
2404:6800:4004:810::2002
2404:6800:4004:812::2002
2404:6800:4004:813::2003
2404:6800:4004:819::2001
2404:6800:4004:81f::2004
2404:6800:4004:821::2001
2404:6800:4004:821::2003
2404:6800:4004:824::2002
2404:6800:4004:826::200a
2606:4700:10::6814:b844
2606:4700:3030::6815:1c18
2a02:6b8::1:119
35.213.12.39
35.227.202.26
52.194.50.162
81.222.128.214
00b3d3879dd184b2707cd6210fb19c33c08f090960ada684f54b1569e1abc395
04928e78f2516f1602e1e1f1b2eae634b23d7d5b36b07fe68be8a5c1d6161367
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
14459a842511e3d53cc15ef8c6d77428afd226de7c69ad2315db0838505e38ad
193c63d085380a570118f653663253817ce32c1b683be824eb87b2a40e534c71
1b58269396056b27623791853396b3512bead8866f4fab1335d29c241f16d21a
1baea5c0f0845c33446dd24e2ba7db5fc8aed61774570079e73016a2ab126652
1c888f0b74e015264833e65ed169b8e44d49c70e385f725408de39e979f3bf50
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
29bc8d1584c12a05db9ac9637886359eb8688bb718cd946ff177dcca7cafd81b
2a68a21ab231a757d22cb335367ea6a285b9394d3dbb2e8d111c550941287e14
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bad12198ed3a695510ebb46cd041b047cf0ae185747b0f4888ec831b8e2ecb3
2d07a3e53ddc4194b929b68cd5e72adb2e383cd29eef59fd69f2586ad9a4bf33
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
33e7609ddc3e6d66aa390c3b7630fe222c44cdf7c720c395dc10c71c923b2b7c
34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade
35b40f317a07334a36906fb7156d53ef0fd8b9eb22e77315d6abbf70d4698714
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37e10684ffc4e52a6ffb8bce49139ad0c04668a553a24e294573561779b428bc
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
4505d8c682a796cf6bf1101374e0fedad0e1b29e6f7d19c0ba7e8e6bead61134
4545686304b1bdfed622875739552fac70836b6dc1d6549f3919188d9da0d116
481834d271b3e0eb49cdb7f2f9470472c554ef071b6edd7fc1e9ee4d1d9f2f84
494b9c490268810df34a6abade7bdf40f4b3b078658e3599779601d15be57977
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5130eb2b26589edc79df541561e0c40469fdb05a7a75566a61e580e1d473254e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63a4c7a0ac8956f26e742497a8fac6917ccdd2def8ea7230f6b61df5b5a9f4a1
6458fab983f3066177cb670793ddbddda489a90491a7f4a9ca9c7f9c96677236
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6619de9c8c82cca8a64553f216e79034657c0eacb8688b15a99054d89cdeca32
700cbde9afd7ae03f3222672a02f8b9957d0aece201f6cab99f77c1103630edf
754970eaac11fed3c9d4af1cd0c433507dc6886aa484c4530d17b3d6c73d1b1d
76a4f16e15873cec62fb9f9c15c161c078401214bef5a1ebf4d2be6b9b136335
80d3be9669cce1379e8d6418b756e599b9ea55c0afee06edf7a8e10306fb5147
811b1820035beba9a4b21a8339b19da4a0029e2b0521d6810331e624cb24a85f
845d6582db3471bc1d8af85c03d68697f55a5c8fc9a3e0f09523a7d2344e0947
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
89a1960e6e5d1c6b686340fb94e11f5e9139b81e5a45dfe615a15b53c2c82d9f
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aebd28bec5310c9200cfeeb364708d963e9a3e7cc38fb1410d42e2c64871762
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9fd0a4ce43eaba0a6287a45037d7cd4041d1d9e68b788ed1fa8a821792fb678d
a3cdb1b8f160c7995f41d649697b9cc5e900045efa2b3ade7b07d84445c277ba
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a725933a8a9cf7f7581417c946032dcd7ca3121d10d87570a8d245e7b4568676
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a508d99d88148ef954decfc68ff3eba74fc143d42e60b24dae552a314b9ffa
a905312f3cbfa16f45c65b111cae5664e6e9203ad22e56c63d4e1bbbb6633193
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac1536aea35ab05c539a51b3a46d50931a2970ec90e881b2fe3d0dbd02b80ba7
b2923b9a9faf30c75e1d23ab34608945991d27d0cc159c464384b902e3ff9033
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
bd22b29c29997449084a5a7446ed9bff496eb475a92705c2a407b06b33099bb3
bd61a2f34058abffae745ca12ee2972c26722526850a433d9348799e0318b191
cb3087fdc4ab7d08abb1406b98bf1eb477ae8f43c4211f30bedd253ec4cd7b17
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3719135457aee07555a799fd4970187f65e71fe18951f19dd0ef41687bf5099
d3a6a8e012cdedf0d82146881f25b9c44592384bda18d6346e2954bbddafdc19
d8c4092ef4a2a2daba2ae8b4db78175e96339ce0b06d75ac3976d53a0a2ea4e2
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e8c0b0d3eccc16431c8d4351c80ae1deedb846d4ad6df74d5593492000652d65
ec13e85ea4fc62c5020385ee8e4248095d587407f3ec6a4999a04d858dad84fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f81c8fd7d20ee30e470bc28611136901173acc3922c76473709cb8e858e9ace4
fa4bdef2f815bb00274ef6cb7a86b646b9a3235eadb130a2cd54964b460c38c6
fb86d0456a1eb2f524254ef3882654e619ac587bf924339eb94e940398b32c01
fd7fb94a2fa8c7cfc64f9a1aa9e89d2ac3e8896f76f4f64ba3b51e208a9d8973
fe6a1a72a602cf34a270cf1092de6bb60d1d74496256e82af6c04d0d46d91f19

au-donetsk.ru Open in urlscan Pro 2606:4700:3030::6815:1c18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

117 Requests

91 %HTTPS

52 %IPv6

21 Domains

27 Subdomains

19 IPs

4 Countries

1287 kBTransfer

3206 kBSize

34 Cookies

0 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

au-donetsk.ru Open in urlscan Pro
2606:4700:3030::6815:1c18 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

91 %
HTTPS

52 %
IPv6

21
Domains

27
Subdomains

19
IPs

4
Countries

1287 kB
Transfer

3206 kB
Size

34
Cookies

117 HTTP transactions
2 data transactions