www.libex.ru Open in urlscan Pro
104.248.135.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://libex.ru/
Effective URL:
http://www.libex.ru/
Submission Tags: tranco_l324
Submission: On November 25 via api (November 25th 2021, 7:38:19 am UTC) from DE — Scanned from DE

Summary HTTP 105 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 18 domains to perform 105 HTTP transactions. The main IP is 104.248.135.5, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.libex.ru.

This is the only time www.libex.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	104.248.135.5 104.248.135.5	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2 3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
10	18.203.144.158 18.203.144.158	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
2	85.114.131.234 85.114.131.234	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
105	24

41 104.248.135.5 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: balancer1.libex.ru

libex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.libex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation) 2 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top.list.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

www.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.203.144.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.234 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	libex.ru 1 redirects libex.ru www.libex.ru	243 KB
18	googlesyndication.com 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	78 KB
10	mediamathtag.com s.update.mediamathtag.com	52 KB
6	doubleclick.net securepubads.g.doubleclick.net	144 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900020.redintelligence.net	8 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	google.com adservice.google.com www.google.com	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	55 KB
3	googletagservices.com www.googletagservices.com	100 KB
3	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	contentspread.net cdn.contentspread.net	14 KB
2	google-analytics.com www.google-analytics.com	7 KB
2	mail.ru 1 redirects top-fwz1.mail.ru	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	google.de adservice.google.de	792 B
1	yandex.ru www.yandex.ru	2 KB
1	list.ru 1 redirects top.list.ru	617 B
1	rambler.ru counter.rambler.ru	583 B
105	18

	Domain	Requested by
40	www.libex.ru	www.libex.ru
10	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.libex.ru
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	hal900020.redintelligence.net	1 redirects 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com hal900020.redintelligence.net
3	tags.mathtag.com	042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com tags.mathtag.com
3	www.google.com	tpc.googlesyndication.com 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
3	042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	www.libex.ru 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
3	counter.yadro.ru	1 redirects www.libex.ru
2	cdn.contentspread.net	hal900020.redintelligence.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.libex.ru
2	top-fwz1.mail.ru	1 redirects www.libex.ru
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.libex.ru
1	www.gstatic.com	042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
1	fonts.googleapis.com	042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.yandex.ru	www.libex.ru
1	top.list.ru	1 redirects
1	counter.rambler.ru	www.libex.ru
1	libex.ru	1 redirects
105	25

This site contains links to these domains. Also see Links.

Domain
www.yandex.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
update.mediamathtag.com R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://www.libex.ru/
Frame ID: 88B8A803F93D9D9328D5D6F59F0C5EEB
Requests: 56 HTTP requests in this frame

Frame: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC170107C3CB0BCCE3AB4F707E53E4AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0D2CCF157BBA6B086E5F18982D31BB32
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBE93FE7A04555DDFC6840C9FE794853
Requests: 2 HTTP requests in this frame

Frame: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29AAC4840F4F62E2416D8F63CAA8C558
Requests: 16 HTTP requests in this frame

Frame: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D3CCB6BCFE4723BE3EE984CCDE58E1C7
Requests: 25 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=37358800036203200951387011789020&a=e0773a7e
Frame ID: A336C0D8FABA46D39F9291525FFA386B
Requests: 5 HTTP requests in this frame

Frame: blob://https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/dc5941a1-fd7b-4111-9b25-21967d46ba5e
Frame ID: A7141EE57D5D82E30A2BCF08C3EE3594
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C8487DF9C2B2F809A81FD2581D50B6CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Книжный магазин, букинистический и не только. Купить книги. Продать книги

Page URL History Show full URLs

http://libex.ru/ HTTP 301
http://www.libex.ru/ Page URL

Page Statistics

105
Requests

55 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

24
IPs

5
Countries

710 kB
Transfer

1474 kB
Size

33
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.yandex.ru/cy?base=0&host=www.libex.ru

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://libex.ru/ HTTP 301
http://www.libex.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://top.list.ru/counter?js=na;id=418495 HTTP 302
https://top-fwz1.mail.ru/counter?js=na;id=418495;ver=20 HTTP 302
https://top-fwz1.mail.ru/counter2?js=na;id=418495;ver=20

Request Chain 41

https://counter.yadro.ru/hit?r;s1600*1200*24;0.11410895470057003 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;0.11410895470057003

Request Chain 46

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1712458961&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B1%D1%83%D0%BA%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8.%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8&utmhn=www.libex.ru&utmhid=260804820&utmr=-&utmp=/&utmac=UA-105964-2&utmcc=__utma%3D231513346.1712458961.1637825895.1637825895.1637825895.1%3B%2B__utmz%3D231513346.1637825895.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1712458961&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B1%D1%83%D0%BA%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8.%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8&utmhn=www.libex.ru&utmhid=260804820&utmr=-&utmp=/&utmac=UA-105964-2&utmcc=__utma%3D231513346.1712458961.1637825895.1637825895.1637825895.1%3B%2B__utmz%3D231513346.1637825895.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 87

https://hal900020.redintelligence.net/request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8530383286156434505%26mt_id%3D6622329%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_cid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%2526client%253Dca-pub-2548499688270864%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.libex.ru%2F&ancestorOrigins=http%3A%2F%2Fwww.libex.ru&random=4415620727205&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900020.redintelligence.net/request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8530383286156434505%26mt_id%3D6622329%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_cid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%2526client%253Dca-pub-2548499688270864%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.libex.ru%2F&ancestorOrigins=http%3A%2F%2Fwww.libex.ru&random=4415620727205&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

105 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.libex.ru/
Redirect Chain

http://libex.ru/
http://www.libex.ru/

44 KB
45 KB

57ms
35ms

Document
text/html

104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 / PHP/4.4.8
Resource Hash: 5a461892414317c65bc37362f6129dc196b00298902fe588aef956abab9145c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.14.1
Date: Thu, 25 Nov 2021 07:38:14 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/4.4.8

Redirect headers

Server: nginx/1.14.1
Date: Thu, 25 Nov 2021 07:38:14 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: http://www.libex.ru/

GET
H/1.1 200
OK style.css
www.libex.ru/css/ 9 KB
9 KB 33ms
30ms Stylesheet
text/css 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.libex.ru/css/style.css
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 / PHP/4.4.8
Resource Hash: 8bae061b92d562b9458ba47a41a284d43474516f6edd4da6887c9f7658311b77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Server: nginx/1.14.1
Connection: keep-alive
X-Powered-By: PHP/4.4.8
Transfer-Encoding: chunked
Content-Type: text/css

GET
H2 200 top100.cnt
counter.rambler.ru/ 43 B
583 B 140ms
43ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.rambler.ru/top100.cnt?389213
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 07:38:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
x-srv: 1node0044.top100.rambler.tech
access-control-allow-credentials: true
content-type: image/gif, image/gif
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top.list.ru/counter?js=na;id=418495
https://top-fwz1.mail.ru/counter?js=na;id=418495;ver=20
https://top-fwz1.mail.ru/counter2?js=na;id=418495;ver=20

43 B
960 B

43ms
42ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?js=na;id=418495;ver=20

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:38:15 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Thu, 25 Nov 2021 07:38:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?js=na;id=418495;ver=20
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK logo.jpg
www.libex.ru/img/ 7 KB
7 KB 10ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/logo.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: f757a0a09d413f412148abe822ba28df2ea4be9bef73fa4541aba1ebaa58ba6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 09 Jun 2006 09:54:31 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6793
Content-Type: image/jpeg

GET
H/1.1 200
OK none.gif
www.libex.ru/img/ 49 B
305 B 10ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/none.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 30 Aug 2002 07:39:38 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49
Content-Type: image/gif

GET
H/1.1 200
OK home.gif
www.libex.ru/img/ 179 B
436 B 15ms
12ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/home.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 37f9ae32b9eaeb39a71382943d255d9a1160cf088206d6f43635aef12d32b569

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Mon, 19 Jul 2004 06:57:48 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179
Content-Type: image/gif

GET
H/1.1 200
OK bookmark.gif
www.libex.ru/img/ 155 B
412 B 16ms
12ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/bookmark.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: eebbfb0ef700f93ee1b4db39d4eefd1f8f5ebf6dbb6c5c469319f94bf9e875d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Mon, 19 Jul 2004 06:56:52 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155
Content-Type: image/gif

GET
H/1.1 200
OK book.gif
www.libex.ru/img/ 267 B
524 B 16ms
11ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/book.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 7b1af95e282c7d0dd2d81c4801c18e6831c61830c132b854902462c0bd2b9055

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Tue, 03 Oct 2006 08:56:10 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 267
Content-Type: image/gif

GET
H/1.1 200
OK mag.gif
www.libex.ru/img/ 275 B
532 B 16ms
12ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/mag.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 1617c7d6cf8b704b3679b2a83ddf1be7f291da6e1553d4df91e2880417619ea9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Tue, 03 Oct 2006 09:01:01 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 275
Content-Type: image/gif

GET
H/1.1 200
OK rarrow.gif
www.libex.ru/img/ 64 B
320 B 9ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/rarrow.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: d48aead47833d1331a49404563cdcada75e73ca381a701a7ae05936e801dedc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 30 Aug 2002 07:25:26 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64
Content-Type: image/gif

GET
H/1.1 200
OK no-check.gif
www.libex.ru/img/ 72 B
328 B 8ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/no-check.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 79ad656c24ca76ac29e60d7bb8ada3fd67bc18f6dabd5617e171d1637e30514a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 09 Jun 2006 12:40:23 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72
Content-Type: image/gif

GET
H/1.1 200
OK 88x31-3.gif
www.libex.ru/img/banr/ 7 KB
7 KB 9ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/banr/88x31-3.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 51658e4fff7aebf109d33c5848fed186c98fedc0504d85a18e6350f50d4a3f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Thu, 07 Nov 2002 15:20:48 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6914
Content-Type: image/gif

GET
H/1.1 200
OK 7e639.jpg
www.libex.ru/img/x/39/18/ 7 KB
7 KB 9ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/39/18/7e639.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: f9fdf65f6eb89ccf163edaa49a19027a9481b324b09d0c964fc33f5c981e4a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 02 Jul 2014 14:18:09 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6753
Content-Type: image/jpeg

GET
H/1.1 200
OK 0.gif
www.libex.ru/img/cond/ 66 B
322 B 9ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/cond/0.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: c1776ca309ba8aa889cab874fe5a64f4ec2a76bc2df9a1270dbecffbaef3d264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Mon, 04 Nov 2002 14:57:20 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66
Content-Type: image/gif

GET
H/1.1 200
OK cnt.php
www.libex.ru/chart/ 249 B
504 B 20ms
19ms Image
image/png 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/chart/cnt.php?id=676871&c=1
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 / PHP/4.4.8
Resource Hash: 849c36934f765db7b28f9f3f9e0f05d5a5f70337d313bfc4f2d4a14a2c9e5e40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Thu, 25 Nov 2021 07:38:14 GMT
Server: nginx/1.14.1
X-Powered-By: PHP/4.4.8
Transfer-Encoding: chunked
Content-Type: image/png
Connection: keep-alive

GET
H/1.1 200
OK e53d3.jpg
www.libex.ru/img/x/13/0f/ 17 KB
18 KB 8ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/13/0f/e53d3.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: a8a8e1463c4c788a1666afb40723fdfbc1aad5e8accaef9b187c3c3f46ee82b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Sat, 07 Nov 2020 14:12:47 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17803
Content-Type: image/jpeg

GET
H/1.1 200
OK cnt.php
www.libex.ru/chart/ 245 B
500 B 20ms
19ms Image
image/png 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/chart/cnt.php?id=1074475&c=1
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 / PHP/4.4.8
Resource Hash: 98345fa5d70fd205c2cba5aeee8013fbb9978a5a43255c610b675e087066800b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Thu, 25 Nov 2021 07:38:14 GMT
Server: nginx/1.14.1
X-Powered-By: PHP/4.4.8
Transfer-Encoding: chunked
Content-Type: image/png
Connection: keep-alive

GET
H/1.1 200
OK a0.gif
www.libex.ru/img/tab/ 43 B
299 B 11ms
10ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/tab/a0.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: aebe5186d868bad2db62bebd12b517866e6295a1a263c4c525ec40363dc6c7c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 29 Aug 2003 12:43:36 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ai.gif
www.libex.ru/img/tab/ 109 B
366 B 10ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/tab/ai.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 49560c2f72a1a58e2a28f837bad995c48c297d245d8e489ec2269845b61b78d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 29 Aug 2003 10:47:30 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109
Content-Type: image/gif

GET
H/1.1 200
OK ii.gif
www.libex.ru/img/tab/ 90 B
346 B 10ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/tab/ii.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 266542a61a0a17599ebe8801d2b20ff922807cc83b6dc37f263bcb1db7a43016

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 29 Aug 2003 10:50:34 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90
Content-Type: image/gif

GET
H/1.1 200
OK i.gif
www.libex.ru/img/tab/ 94 B
350 B 9ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/tab/i.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 3edd331bc52584dc8854429bb24c778e83cd761f3f71eb2139198a47789b40cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 29 Aug 2003 10:50:52 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94
Content-Type: image/gif

GET
H/1.1 200
OK ar.gif
www.libex.ru/img/picto/ 63 B
319 B 14ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/picto/ar.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 1583fb7817988575511b01b948a3e95250d8e6411bba9c9133ab84771a5685ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 10 Sep 2003 08:48:30 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63
Content-Type: image/gif

GET
H/1.1 200
OK arr.gif
www.libex.ru/img/picto/ 67 B
323 B 12ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/picto/arr.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: bd134a7b5ea2f27c033f1d50852d282a8f0afdbd02e610cba49356503fbbcadc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 10 Sep 2003 08:47:24 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67
Content-Type: image/gif

GET
H/1.1 200
OK ico-ok.png
www.libex.ru/img/picto/ 318 B
575 B 11ms
8ms Image
image/png 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/picto/ico-ok.png
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 1a640c8c84930899dcf14f5ad006f893f2989b68ecf5c80b13ede84eba8239f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 16 Jun 2006 12:00:12 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 318
Content-Type: image/png

GET
H/1.1 200
OK f250c.jpg
www.libex.ru/img/x/0c/14/ 6 KB
6 KB 11ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/0c/14/f250c.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: ca6efa01ced13ca360dbdc9bbfedd6f6704f8d1a16eb03f669e1003b475f9ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Thu, 25 Nov 2021 07:21:58 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6206
Content-Type: image/jpeg

GET
H/1.1 200
OK 3.gif
www.libex.ru/img/cond/ 79 B
335 B 12ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/cond/3.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 67c2655f511133f2f873673ab0803f9774917b8f32a990ba15be5570a082870b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 23 Jul 2004 09:05:40 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79
Content-Type: image/gif

GET
H/1.1 200
OK defcover.jpg
www.libex.ru/img/ 2 KB
2 KB 11ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/defcover.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: d75b2d402682465c5c1b962b98d36c6b174d0e29bceee295ff3c77d233c384f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 03 Feb 2006 14:16:04 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1600
Content-Type: image/jpeg

GET
H/1.1 200
OK 2.gif
www.libex.ru/img/cond/ 99 B
355 B 19ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/cond/2.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 172acf57e2333a696bdef4d875f4fe1e5e64a669d1dbf9222e2087170a640c4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 23 Jul 2004 09:06:54 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99
Content-Type: image/gif

GET
H/1.1 200
OK f250a.jpg
www.libex.ru/img/x/0a/14/ 32 KB
32 KB 30ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/0a/14/f250a.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: d2e00df393ef39b282bb6c23a0176342b9938234c85438d9b9f55046d41e3ab9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Thu, 25 Nov 2021 02:10:15 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32458
Content-Type: image/jpeg

GET
H/1.1 200
OK f2507.jpg
www.libex.ru/img/x/07/14/ 6 KB
6 KB 30ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/07/14/f2507.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 8121c39b04896e0e8074b72933cf5420a4d5565d9dfb3e571b366608e9cfb581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 24 Nov 2021 21:48:28 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5731
Content-Type: image/jpeg

GET
H/1.1 200
OK f2506.jpg
www.libex.ru/img/x/06/14/ 14 KB
14 KB 30ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/06/14/f2506.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 31746014726c31b5b5c5471f2cb46bf4c5db28453d393124782169f8c755bb42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 24 Nov 2021 21:44:53 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14174
Content-Type: image/jpeg

GET
H/1.1 200
OK 1.gif
www.libex.ru/img/cond/ 80 B
336 B 10ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/cond/1.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 3b769d35aad58b7bc6f187a679b4b7708392233a835f55d0d891c5b1698d1707

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Fri, 23 Jul 2004 09:04:50 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80
Content-Type: image/gif

GET
H/1.1 200
OK f2503.jpg
www.libex.ru/img/x/03/14/ 26 KB
26 KB 10ms
9ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/03/14/f2503.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: a93d9e265b438372ffd7f52918b7e22289ce3305fc81ed4b487ad19d192534a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 24 Nov 2021 21:31:23 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26459
Content-Type: image/jpeg

GET
H/1.1 200
OK f2501.jpg
www.libex.ru/img/x/01/14/ 27 KB
28 KB 10ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/01/14/f2501.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: e2ca989f07e64cfdef3aeab23cf82445e74a7d13ab168ae7e6ec3e9a73ee05a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 24 Nov 2021 21:13:50 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28129
Content-Type: image/jpeg

GET
H/1.1 200
OK f2500.jpg
www.libex.ru/img/x/00/14/ 23 KB
23 KB 9ms
8ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/x/00/14/f2500.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 60b72cbe87c0e474e33b94e883883a4924354a8d58f812dfb369c91d53a459fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 24 Nov 2021 21:10:54 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23300
Content-Type: image/jpeg

GET
H/1.1 200
OK 5-3.gif
www.libex.ru/img/stars/ 299 B
556 B 9ms
8ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/stars/5-3.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 93d5de5fa82cc570d05d70bf20e58ac80f02b44f405e6ca7579f872d36572052

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Sat, 31 Oct 2009 17:48:52 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 299
Content-Type: image/gif

GET
H/1.1 200
OK findbook.gif
www.libex.ru/img/ 923 B
1 KB 19ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/findbook.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 00f637fdf5073a9d8858342ad672ba9798a462e414e2e08a063760d61797ba0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 05 Apr 2006 13:35:46 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 923
Content-Type: image/gif

GET
H2 200 cycounter
www.yandex.ru/ 1 KB
2 KB 159ms
80ms Image
image/png 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yandex.ru/cycounter?libex.ru/

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a3f62bfb7d9a1975d55a4ca8d235aaf59b104fa9748ad644a798cc8dbc20d828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Fri, 03 Dec 2021 11:59:54 GMT
last-modified: Fri, 19 Nov 2021 11:59:54 GMT
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png

GET
H/1.1 200
OK logo
counter.yadro.ru/ 207 B
480 B 159ms
41ms Image
image/gif 88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo?18.8

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b719227b172c6542a982928920f58916bbc31bd938362ac9195486da42a4ec1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:14 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 207
Expires: Tue, 24 Nov 2020 21:00:00 GMT

GET
H2 200 urchin.js Show response
www.google-analytics.com/ 22 KB
7 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 77987
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Wed, 08 Dec 2021 09:58:27 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1054 / 94 of 1000 / last-modified: 1637708722"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 26861
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;0.11410895470057003
https://counter.yadro.ru/hit?q;r;s1600*1200*24;0.11410895470057003

43 B
528 B

43ms
43ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;0.11410895470057003

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

HTTP/1.1

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:14 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 24 Nov 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:14 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;0.11410895470057003
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 24 Nov 2020 21:00:00 GMT

GET
H/1.1 200
OK nav-bkg.gif
www.libex.ru/img/ 152 B
409 B 19ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/nav-bkg.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/css/style.css
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: ba49edc4a6d0d00b50613429f8374debce302127856deef8193b2f374b68c6a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Tue, 23 May 2006 08:25:51 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152
Content-Type: image/gif

GET
H/1.1 200
OK nav-sep.gif
www.libex.ru/img/ 110 B
367 B 18ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/nav-sep.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/css/style.css
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 690edd010614eaba4d341e0f2b1bc144ff147a75988f098fbbec0820c5f203b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 07 Jun 2006 11:34:04 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Content-Type: image/gif

GET
H/1.1 200
OK bkg.gif
www.libex.ru/img/ 114 B
371 B 18ms
9ms Image
image/gif 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/bkg.gif
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/css/style.css
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: da6b4a6c14ae46bf7c749e7798c1058f5c9f194c35ede1c381db964083869481

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Wed, 05 Apr 2006 12:09:46 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114
Content-Type: image/gif

GET
H/1.1 200
OK th-frame.jpg
www.libex.ru/img/ 3 KB
3 KB 18ms
9ms Image
image/jpeg 104.248.135.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.libex.ru/img/th-frame.jpg
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/css/style.css
Protocol: HTTP/1.1
Server: 104.248.135.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: balancer1.libex.ru
Software: nginx/1.14.1 /
Resource Hash: 96a3e1107dca3496749599252590347c10b81b4856b876cf3ecc60d72a239772

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:14 GMT
Last-Modified: Thu, 15 Jun 2006 11:07:59 GMT
Server: nginx/1.14.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2771
Content-Type: image/jpeg

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1712458961&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D1%8B%D0...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1712458961&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D1%8B%D...

35 B
194 B

8ms
7ms

Image
image/gif

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1712458961&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B1%D1%83%D0%BA%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8.%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8&utmhn=www.libex.ru&utmhid=260804820&utmr=-&utmp=/&utmac=UA-105964-2&utmcc=__utma%3D231513346.1712458961.1637825895.1637825895.1637825895.1%3B%2B__utmz%3D231513346.1637825895.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: www.libex.ru
URL: http://www.libex.ru/

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 03:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16417
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1712458961&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%9A%D0%BD%D0%B8%D0%B6%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B1%D1%83%D0%BA%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B8%20%D0%BD%D0%B5%20%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE.%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8.%20%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D1%82%D1%8C%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8&utmhn=www.libex.ru&utmhid=260804820&utmr=-&utmp=/&utmac=UA-105964-2&utmcc=__utma%3D231513346.1712458961.1637825895.1637825895.1637825895.1%3B%2B__utmz%3D231513346.1637825895.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 45ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
704 B 39ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.libex.ru

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ebc6196bdd87d61f259f45cf2245fa9367a0f402578391eaa4546e9f32204d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 07:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.libex.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 07:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.libex.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 07:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
27 KB 718ms
702ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4486817821847107&correlator=4260518595694495&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211125&iu_parts=32294587%2CBanner_1%2CBanner_2a%2CBanner_2b%2CBanner_3a%2CBanner_3b%2CBanner_4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=234x60%2C100x100%2C100x100%2C88x31%2C88x31%2C468x60&cookie_enabled=1&bc=23&abxe=1&lmt=1637825894&dt=1637825894861&dlt=1637825894601&idt=235&frm=20&biw=1600&bih=1200&oid=2&adxs=1255%2C1468%2C1468%2C52%2C52%2C566&adys=0%2C659%2C765%2C666%2C719%2C2044&adks=1991737510%2C1536346796%2C3981075668%2C1234615577%2C2292352780%2C1102893007&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.libex.ru%2F&vis=1&scr_x=0&scr_y=0&psz=234x60%7C156x106%7C156x106%7C183x84%7C183x84%7C470x88&msz=234x-1%7C100x-1%7C100x-1%7C88x-1%7C88x-1%7C468x-1&ga_vid=1712458961.1637825895&ga_sid=1637825895&ga_hid=260804820&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

deede24c8554cb46a5e100ef38c2948976c6ff1f3f2a653d8b40504c3bfb0c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27883
x-xss-protection: 0
google-lineitem-id: -1,-2,-2,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.libex.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC17 6 KB
4 KB 54ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 07:38:14 GMT
expires: Fri, 25 Nov 2022 07:38:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 44ms
21ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7154edfdfcd8ab887629e3e2a351cf370aa98dfcb7102041a9412dadbf3bd824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 07:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9367
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 25 Nov 2021 07:38:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0D2C 12 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 25 Nov 2021 03:04:35 GMT
expires: Fri, 25 Nov 2022 03:04:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBE9 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

130d5a351f8f72f283892daea22cb7c1859313f8b92bd8621c93786a1713f872

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ugtV6t1bkmNBuk+Cqn4XFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 25 Nov 2021 07:38:15 GMT
date: Thu, 25 Nov 2021 07:38:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ugtV6t1bkmNBuk+Cqn4XFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D2C 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 16:52:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBE9 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=4486817821847107&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=4486817821847107&bg=!k5ClkNTNAAZQLpa_UC47ACkAdvg8WiMsILaXuRzi52twQ9e9zj0wuT06sPvvMYeqL0MVHCqRxz7L-wIAAABOUgAAAAdoAQcKAOfPGST3WER4ij1h13zxYksSCXXNa9TZ5DEDDjDKII2iDm7uAFMEYMs6mJ_BM2b1qm37qu2bkLMUAZXhPteHyi2QhwkK5c8yAVUOfQfdvW7b6jugD9A7tqybyVi67bxWNSNefznQRD9b72r2YBR0daKfzrzA3AWYny0sxHW3YgF0s6AQMKuiu_D5V_KV-AUjcduwP4hjy-oj2Uze7EKwWzOMTUbpdmHZq2peRPle-KzX_hhbRXFkRYbnJbtdL63GjAX7iN-hylQZhrt1ZqwykCJrp8OlLX3i5xb-wS0CIziSEgulOdCY0NWZAm_vI2jpC-IuRwXK88E0fYFymovL15j-nISWEKBbnRZ1DSy3x24gDv2UpEuBLdEPLVZnrKRflqZFb50yJTlq57dLKptZBjx0Rq11idUXn6iHJ38DSWhdVKIEMRnAtRyhza-qFuVBYFo0n7DLaz9kHU4dFPvusCp6B3XyGp8q_QFv0nJQ7599DiGhmjRhG1RHu5kTckzbheFBnh93GiJboHP-88dJClIHtaKPWZT4HT_GGBdcV5cN29LcBr7LLi3kZ0X7uF-UiD1N3FewtkybEX1V626Vwz4gKIKD9OqbDWvm836_Z9nOCNTUNfEsy8KRA_pzlv0YsZ6hSPGwxMVbO8FOtftWIQrBvu-zEzTtY8kyuW9eQCHGNSkfPE1M-4QtpzY1GvEVa3yzsRvTi42fvUAq0MW6Lw7FbZspvc_fTxjUw0Tdz4RWvun-il9a8f_W30WAPJppArHTypJMm5jugJiDAuqWtPodS-FW2vGyRIbXeUcZaZBi_xADsbw_CHzXerW3UkaveASiI8V878TkTNObKufjkVTkPgGxNlNoA1t2DoQe5LQE_RJaDkr5Sb9RclzsEXaUvChl5t8bvihczcUezVxuvp8_jmJPSM4G2Ka4u7xHf3upHM8_EAFOSerQmCFnrNG1lbmj7XglxG7ki3rHzUFKy8Yczphc4dhO8hZMXXhxv_81jXqE09FVCiHSumwIJw2l2gUFk7CRuH9l_42vQQQQ9YkIP7P40UL2fj5UI-lNFvbdU0gVeW97pgaXn-WWWfp4-V-w25SaQgKPjTG_I1SDTdvmtaSCDLmmiSZt5rBbEUeMb34iPLvcmyL0Yg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 07:38:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 29AA 6 KB
3 KB 24ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 07:38:14 GMT
expires: Fri, 25 Nov 2022 07:38:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D3CC 6 KB
3 KB 19ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.libex.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 07:38:14 GMT
expires: Fri, 25 Nov 2022 07:38:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D3CC 0
0 33ms
33ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COJhiZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBM8BT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0I73hM3uhDVzexJBGBY5szOsuHp8p1oLRxqyAjFaOZ9AX-NxGamz4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjU0ODQ5OTY4ODI3MDg2NBjDrhI&sigh=w85ujK4jx10&uach_m=[UACH]&cid=CAQSPgCNIrLMtZ_kJh23qM26goGUTVBdXYOOrcqIPnoZ6BfTL0KHAnbllq2R9mzrS63szU28XWkgPz0Lfb3c1RXCGAE&tpd=AGWhJmsJnNG0VdYmnT05A3PnVcOGz5UmhLFqqKxzA6awK0D-8yl2_ewl4Av-ZlJF0E5T-KdG-5jm4gucUKMSvZqiV00NVL3oTXK_n5XsKEezb3_Hggj6lxu71pLniLto0TPkHHx1dVoV9gHgkrKOu3R4WWPtvzewEr9IhcpNUXfRiX1PEx34fKmtuvd0Nz-XTyZQjNbRfwST2J2Yw0VlRPBOpzJzxnTvH5zBUCqRwcoioYdtJ33mIeCx4taYMfhExs907iTiLl7uhCo8lAW5-8sZOievNsPxXUxv8NFmD3QDnzOcPoGF8jId-smEabsmoxCDs_t9vSN2MImWuqSWMggoSSmMwhI6LM1W2QpKHqMj7haTF5ztogfwFzdz6xMptNFQ61uj-nDBH6SZhVpDxA77e-DYk3vfprSjL6xZKGq6R-BpnUlhnbDo22O3_WxzVBWCjGg7aAefOjqzQFBwQ4TBVbSQm2sVPvwzujcxSJzo1qlg9-zmgax-ytT57nD2GyrsqIzZPPDgIOK1oyh_C-Fk6qsiJK3q3h_ZDFFY4icJ_heeHhwP3FjqAshytHH3R718lUyIi0OxpOQ2RuDn17s5tZJKkT9pIl0YyziAmOgB1W_bV_HuKmLYWjJoSNfpN4qgfEHuDqqjvkAvU4Oht4EdNcAyPvEXtMoQ2btY9KjJXYFC9xhFQ4q96PxQmGJ2oevVDcqe7ycLQHsCr7ikGO0-10ftG8hVW02Xljj37ENwzG3kqYDdMsjX56fmD7uakSw8zpMrlCOILZtTS-NWqv6nw4risOOPHrr3nHYQfk8RNIo8WQqBvkF2b5V3pvENceB5IElIASsL57OT_Q49lo1NK4bi6uyhdfW7kkd4-72ks09jCLHlmg_apkxai2a50dOC1r15ZAQDq-bXKIPevJEbctNTJA55xnk6EDDlM8KebngKBgK79TRTixZXxWOk79jAENTUdIUVGLxbrO7BU01GonEhpnpEUrYxGr1z-iOyjUv8e7BJF1B5kzuF4ADdwO1I3OZftSyFEsuAoOgDC6Z41xE_5k6H_pciG40MUviM4Iq50geKZsyHxkxMuXq2BVs2dh7AC85DmSq7e8zL0g
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame D3CC 3 KB
2 KB 146ms
95ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdWalpXUXpZVEl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MzAzODMyODYxNTY0MzQ1MDUvNjYyMjMyOS80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVVXZLR2VxckdHZXpoMnl5UFRPY2I4cy8xLzQvMC8wLzk1NjgwMy8yODI2Mzc3NDcyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTMwMzgzMjg2MTU2NDM0NTA1L3pyaC8wLzE3NS8zNS85OTkvMzIyLzE2OC4xMTkuMjUuMC8wLjAwMC8xNjM3ODI1ODk1LzE2Mzc4Mzg0OTUvNC9wdWItMjU0ODQ5OTY4ODI3MDg2NC8/Q5qz2On0FOEBFRGmdms0eYLwq9M&nodeid=2628&group=zrh&auctionid=8530383286156434505&shardkey=8530383286156434505&sid=4562306&cid=6622329&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%26client%3Dca-pub-2548499688270864%26adurl%3D
Requested by: Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.209.5 /
Resource Hash: 2c741bb10ecf08bb819722f64d86cc25caf2201940db59372536f93793145098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1637825895
Last-Modified: Thu, 25 Nov 2021 07:38:15 GMT
Server: MMBD/3.209.5
x-mm-latency: 73 (73)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x35, zrh-bidder-x142
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D3CC 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:17:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3CC 119 KB
37 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 07:38:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D3CC 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:27:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D3CC 0
0 33ms
16ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRd-LvNEpRZsz8H-Ft9oHV3v_vXoRMWBljWJIHemurgHGAZ4TuWGY-mOuPvpUKG3hcYeW6VyklPDhQkAN5RQhFsvlZEg
Requested by: Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D3CC 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 01:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 25 Nov 2022 01:59:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 29AA 3 KB
1 KB 42ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 05:45:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 07:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 07:38:15 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 29AA 1 KB
880 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:34:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 29AA 0
0 35ms
34ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU37tZj2fYfmJOeGqlQed1ITYAfjWhMlm2d38iqUPZBABIN-DhAZglYKAgKwHoAHMqLDgA8gBCakCWgS0jobPsj7gAgCoAwHIA5sEqgTgAU_QUhdz87GevwBjEH3fk_Up7bSrppTMjgrSPaCS5_VDlhKwr7Rbeqn6C5pAK0-FyaB3YNhP2yLesBgUd5dC_zJDKjEAibn0EpD44Kea3XY2qtOSoAtoxNnv8K7NgLAX_3GAqSCYVfh0dwJl8jToAwLQ96wwWx9fuKNwGGNJ9e4OV4S6R3RBlGgInHtD_8YYHWjmeGGFW7eKZUtczUh-h7jvdvLOcHcNggd6pI35NddB7EXS6lyPrilnDxnTZqictDFghRBbjesHB4GnL-0F0i759aQv751nzuApG7acBvP5wAT6qqHN6QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHnPKyIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPW2GdIICQiI4YAQEAEYHYAKAcgLAZgMttGz7PIDuBODBNgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0yNTQ4NDk5Njg4MjcwODY0GMOuEg&sigh=n7jGMOe3fyM&uach_m=[UACH]&template_id=515
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 29AA 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:36:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 29AA 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:17:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29AA 119 KB
36 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 07:38:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 29AA 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 07:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:27:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 29AA 0
0 27ms
17ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUBALnz83PFQDFfasg2SqyP1i9S_NlNABWCw8a6Gc_vUuNEZnOopd5X_RNpR4rJFl3h6i-AgCpyKvl71LjA43P0p-z6A
Requested by: Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 29AA 27 KB
12 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 21:25:22 GMT

GET
H3 200 18076485150489721097
tpc.googlesyndication.com/simgad/ Frame 29AA 3 KB
3 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18076485150489721097?w=100&h=100

Requested by

Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:06:43 GMT
x-content-type-options: nosniff
age: 48692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3119
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 09:02:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 18:06:43 GMT

GET
DATA 200
OK truncated
/ Frame 29AA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 876eb7ece0096a6fdbedf6d83df7eb541fb97530315b68cf4ab1496d27068edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 29AA 21 KB
22 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 139409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 16:54:46 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 29AA 21 KB
21 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 220609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:21:26 GMT

GET
H/1.1 200
OK nd9y524lfv59 Show response
hal9000.redintelligence.net/zone/ Frame D3CC 11 KB
4 KB 27ms
7ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/nd9y524lfv59?subid=&rnd=8530383286156434505&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8530383286156434505%26mt_id%3D6622329%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_cid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%2526client%253Dca-pub-2548499688270864%2526adurl%253D%26redirect%3D
Requested by: Host: www.libex.ru
URL: http://www.libex.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e364c7034863dd84d090a335a4cc45ac657490bd39f5174d275ae5682914b632

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3404
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame D3CC 49 B
330 B 72ms
25ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8530383286156434505&node_id=2628&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdWalpXUXpZVEl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MzAzODMyODYxNTY0MzQ1MDUvNjYyMjMyOS80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVVXZLR2VxckdHZXpoMnl5UFRPY2I4cy8xLzQvMC8wLzk1NjgwMy8yODI2Mzc3NDcyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTMwMzgzMjg2MTU2NDM0NTA1L3pyaC8wLzE3NS8zNS85OTkvMzIyLzE2OC4xMTkuMjUuMC8wLjAwMC8xNjM3ODI1ODk1LzE2Mzc4Mzg0OTUvNC9wdWItMjU0ODQ5OTY4ODI3MDg2NC8/Q5qz2On0FOEBFRGmdms0eYLwq9M&nodeid=2628&group=zrh&auctionid=8530383286156434505&shardkey=8530383286156434505&sid=4562306&cid=6622329&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%26client%3Dca-pub-2548499688270864%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.209.5 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Server: MMBD/3.209.5
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x25, zrh-bidder-x142
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame D3CC 7 KB
3 KB 140ms
31ms Script
text/javascript 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.libex.ru&ui=4eced3a2-0000-0000-0000-000000000000&ap=&ti=8530383286156434505&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&pp=pub-2548499688270864&sr=4&de=43003&si=1994583043&dm=468x60&ac=651871&cr=6622329&ai=216536&c1=4562306&r1=168.119.25.0&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdWalpXUXpZVEl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MzAzODMyODYxNTY0MzQ1MDUvNjYyMjMyOS80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVVXZLR2VxckdHZXpoMnl5UFRPY2I4cy8xLzQvMC8wLzk1NjgwMy8yODI2Mzc3NDcyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTMwMzgzMjg2MTU2NDM0NTA1L3pyaC8wLzE3NS8zNS85OTkvMzIyLzE2OC4xMTkuMjUuMC8wLjAwMC8xNjM3ODI1ODk1LzE2Mzc4Mzg0OTUvNC9wdWItMjU0ODQ5OTY4ODI3MDg2NC8/Q5qz2On0FOEBFRGmdms0eYLwq9M&nodeid=2628&group=zrh&auctionid=8530383286156434505&shardkey=8530383286156434505&sid=4562306&cid=6622329&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%26client%3Dca-pub-2548499688270864%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-144-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7c4c3e00d893fc7c29275839521e3711a62de78ccd13dfc93500cb713f4f4d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:15 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2953
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame D3CC 43 B
405 B 66ms
21ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8530383286156434505&v3=651871&v4=4562306&v5=6622329&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdWalpXUXpZVEl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MzAzODMyODYxNTY0MzQ1MDUvNjYyMjMyOS80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVVXZLR2VxckdHZXpoMnl5UFRPY2I4cy8xLzQvMC8wLzk1NjgwMy8yODI2Mzc3NDcyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTMwMzgzMjg2MTU2NDM0NTA1L3pyaC8wLzE3NS8zNS85OTkvMzIyLzE2OC4xMTkuMjUuMC8wLjAwMC8xNjM3ODI1ODk1LzE2Mzc4Mzg0OTUvNC9wdWItMjU0ODQ5OTY4ODI3MDg2NC8/Q5qz2On0FOEBFRGmdms0eYLwq9M&nodeid=2628&group=zrh&auctionid=8530383286156434505&shardkey=8530383286156434505&sid=4562306&cid=6622329&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%26client%3Dca-pub-2548499688270864%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame D3CC 49 B
330 B 71ms
23ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8530383286156434505&st=4562306&time=1637825895&nodeid=2628
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdWalpXUXpZVEl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MzAzODMyODYxNTY0MzQ1MDUvNjYyMjMyOS80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVVXZLR2VxckdHZXpoMnl5UFRPY2I4cy8xLzQvMC8wLzk1NjgwMy8yODI2Mzc3NDcyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTMwMzgzMjg2MTU2NDM0NTA1L3pyaC8wLzE3NS8zNS85OTkvMzIyLzE2OC4xMTkuMjUuMC8wLjAwMC8xNjM3ODI1ODk1LzE2Mzc4Mzg0OTUvNC9wdWItMjU0ODQ5OTY4ODI3MDg2NC8/Q5qz2On0FOEBFRGmdms0eYLwq9M&nodeid=2628&group=zrh&auctionid=8530383286156434505&shardkey=8530383286156434505&sid=4562306&cid=6622329&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.98&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%26client%3Dca-pub-2548499688270864%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.209.5 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Server: MMBD/3.209.5
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x27, zrh-bidder-x142
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 25 Nov 2021 07:38:14 GMT

GET
H/1.1

200
OK

request.php Show response
hal900020.redintelligence.net/ Frame D3CC
Redirect Chain

https://hal900020.redintelligence.net/request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900020.redintelligence.net/request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
936 B

97ms
85ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8530383286156434505%26mt_id%3D6622329%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_cid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%2526client%253Dca-pub-2548499688270864%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.libex.ru%2F&ancestorOrigins=http%3A%2F%2Fwww.libex.ru&random=4415620727205&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
URL: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 7c376546f8480ecf2bfe7c26e9f1f0feff2a658ba041a505ab0dfd0228dcc26c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 37358800036203200951387011789020
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Thu, 25 Nov 2021 07:38:15 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 07:38:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8530383286156434505%26mt_id%3D6622329%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_cid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%2526client%253Dca-pub-2548499688270864%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.libex.ru%2F&ancestorOrigins=http%3A%2F%2Fwww.libex.ru&random=4415620727205&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 25 Nov 2021 07:38:15 +0100

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame A336 4 KB
2 KB 18ms
6ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=37358800036203200951387011789020&a=e0773a7e
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=nd9y524lfv59&nw=20&renderingType=javascript&namespace=4773bf73ea&subid=&uid=e5b4ce5d19646963&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x60&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8530383286156434505%26mt_id%3D6622329%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_cid%3D4f77619f-3d67-4b01-b206-e1562d0eec08%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCpO-tZj2fYfqJOeGqlQed1ITYAc-HjptcwIbZgsYCwI23ARABIABglYKAgKwHggEXY2EtcHViLTI1NDg0OTk2ODgyNzA4NjTIAQngAgCoAwGqBNIBT9BHVWBEVSzxomLqm35s1hlXuFD3ASUzT5PXOTcSOBDk7dAmgsUwDAoWpHvuzDsjfPVvSnxTZqgEp_UW0tSToafxTQ5vxarM3VwHcp2MIDsjX4b8KXyUWiUzaZZB_AWS7-dJT0BAOmXi3Q0hWqZ56vix-yGE0a5fS-_wj4PUu6MCWeE4R7F9WZr8_yisfhESh2exVnRicOwxVZafREgKwKVB1ab4mDNN0Mz1pV9COJF09rYJs855HMOxrHDArXQTpqdyQp6gmIFsR03opa4-0IZE4AQBgAbVpKzDoez95soBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3XSNFA4RhpFLHhX0yrk5MyJ8RxWA%2526client%253Dca-pub-2548499688270864%2526adurl%253D%26redirect%3D&documentReferer=http%3A%2F%2Fwww.libex.ru%2F&ancestorOrigins=http%3A%2F%2Fwww.libex.ru&random=4415620727205&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 6bd671327f22b1c4adf10447001870b86b7d1b578b54ad9a7e49deef6e6fce53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 25 Nov 2021 07:38:15 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1501
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame D3CC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db3e5b773272fd34cc73fc58fbeacf8dff0becf1bf88279164802c498476f3a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 126ms
31ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?oz_pl=1&dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.libex.ru&ui=4eced3a2-0000-0000-0000-000000000000&ap=&ti=8530383286156434505&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&pp=pub-2548499688270864&sr=4&de=43003&si=1994583043&dm=468x60&ac=651871&cr=6622329&ai=216536&c1=4562306&r1=168.119.25.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.40.0/ Frame D3CC 153 KB
48 KB 38ms
38ms Script
text/javascript 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.40.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.libex.ru&ui=4eced3a2-0000-0000-0000-000000000000&ap=&ti=8530383286156434505&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&pp=pub-2548499688270864&sr=4&de=43003&si=1994583043&dm=468x60&ac=651871&cr=6622329&ai=216536&c1=4562306&r1=168.119.25.0&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-144-158.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e0c829acbda91088b85e768076245956a8aa2f08c8069507eff16c0375384590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:15 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48186
Expires: Sun, 03 Aug 2053 05:09:41 GMT

GET
H/1.1 200
OK S-468x60.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame A336 13 KB
13 KB 86ms
26ms Image
image/gif 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-468x60.gif
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37358800036203200951387011789020&a=e0773a7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: e533e03ed9a3fcf8dc4ae47cda9744f79366cb89e7dab662ad7c9a6bbabaa876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:16 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:51 GMT
Server: nginx
ETag: "5b55f217-33dd"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 13277

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame A336 0
150 B 19ms
7ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=37358800036203200951387011789020&a=90af5cb9&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37358800036203200951387011789020&a=e0773a7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=37358800036203200951387011789020&a=e0773a7e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:16 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A336 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame A336 851 B
1 KB 71ms
14ms Script
application/javascript 85.114.131.234
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37358800036203200951387011789020&a=e0773a7e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21038.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 07:38:16 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 31ms
31ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?oz_pl=1&dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.libex.ru&ui=4eced3a2-0000-0000-0000-000000000000&ap=&ti=8530383286156434505&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&pp=pub-2548499688270864&sr=4&de=43003&si=1994583043&dm=468x60&ac=651871&cr=6622329&ai=216536&c1=4562306&r1=168.119.25.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 56ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&sid=AOwG0JkfEAIc6ztf&oz_sc=b1678492fc6df64eae1bca3b&oz_df=1637825896143&oz_l=234&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK dc5941a1-fd7b-4111-9b25-21967d46ba5e
https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/ Frame A714 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/dc5941a1-fd7b-4111-9b25-21967d46ba5e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 35ms
35ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&sid=AOwG0JkfEAIc6ztf&oz_sc=b1678492fc6df64eae1bca3b&oz_df=1637825896330&oz_l=5074&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated Show response
/ Frame C848 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 36ms
36ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&sid=AOwG0JkfEAIc6ztf&oz_sc=b1678492fc6df64eae1bca3b&oz_df=1637825896494&oz_l=6233&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 35ms
34ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&sid=AOwG0JkfEAIc6ztf&oz_sc=b1678492fc6df64eae1bca3b&oz_df=1637825896664&oz_l=1086&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 2788bb32-620c-410a-9163-1b5b8a64099f
https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/ Frame D3CC 795 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/2788bb32-620c-410a-9163-1b5b8a64099f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b42fa081275ba14ffa76fe75a5386e1b6c89166ba8d9a030962904e51dc68a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 795

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 29AA 0
0 46ms
30ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cde2EZj2fYfmJOeGqlQed1ITYAfjWhMlm2d38iqUPZBABIN-DhAZglYKAgKwHoAHMqLDgA8gBCakCWgS0jobPsj7gAgCoAwGqBOABT9BSF3PzsZ6_AGMQfd-T9SnttKumlMyOCtI9oJLn9UOWErCvtFt6qfoLmkArT4XJoHdg2E_bIt6wGBR3l0L_MkMqMQCJufQSkPjgp5rddjaq05KgC2jE2e_wrs2AsBf_cYCpIJhV-HR3AmXyNOgDAtD3rDBbH1-4o3AYY0n17g5XhLpHdEGUaAice0P_xhgdaOZ4YYVbt4plS1zNSH6HuO928s5wdw2CB3qkjfk110HsRdLqXI-uKWcPGdNmqJy0MWCFEFuN6wcHgacv7QXSLvn1pC_vnWfO4CkbtpwG8_nABPqqoc3pA-AEAZIFBAgEGAGSBQQIBRgEoAYugAec8rIgqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ9bYZ0ggJCIjhgBAQARgdgAoByAsBmAy20bPs8gO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTI1NDg0OTk2ODgyNzA4NjQYw64S&sigh=C5rnMwhsOAw&vt=1&template_id=515&uach_m=[UACH]
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 29AA 42 B
64 B 71ms
55ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ4ZAhWfVDErAB9E4c0WjxqoCOw4wotlUtgDQt3mv1lmJXZzNxTYnXIYy2VKcH0p8rOiT9w-7PwFSnLHYhpzqsPngaSLfXMbQZEErIwREilAKTxZrwMIrKoV9gqB3Og0HAXOjm2PKPhFBevtNXx5cogpOw9agPng&sai=AMfl-YRmcm7awebwD2m0za2z1lQ9TVS82828JhSnJKaJEEo2jbT_unC1l0t_4IUlDm5KX10NCVv_XS3SP4kw7RXgYTIOMq3x88cUnzGSvSAuR1Qh8A9AbWCzK-ZtFOGSQxc&sig=Cg0ArKJSzJQFht8fRs-QEAE&id=lidar2&mcvt=1000&p=0,1255,60,1489&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1991737510&rs=4&la=0&cr=0&vs=4&r=v&pay=1&rst=1637825895614&rpt=150&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 07:38:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 33ms
33ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&sid=AOwG0JkfEAIc6ztf&oz_sc=b1678492fc6df64eae1bca3b&oz_df=1637825896821&oz_l=3361&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:15 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/ Frame D3CC 0
145 B 31ms
31ms XHR
text/plain 18.203.144.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.40.0/619621/AOwG0JkfEAIc6ztf/postback?dt=6196211556140246740000&pp=pub-2548499688270864&dm=468x60&cr=6622329&pd=avt&ui=4eced3a2-0000-0000-0000-000000000000&ap=&de=43003&si=1994583043&r1=168.119.25.0&di=http%3A%2F%2Fwww.libex.ru&pv=a3065d56-d8a3-46dd-a01a-bcb784a3e472&r2=&r3=&ci=619621&ti=8530383286156434505&sr=4&ac=651871&ai=216536&c1=4562306&sid=AOwG0JkfEAIc6ztf&oz_sc=b1678492fc6df64eae1bca3b&oz_df=1637825897025&oz_l=1236&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.144.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-144-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 25 Nov 2021 07:38:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.libex.ru/img/x/39/18	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/13/0f	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/0c/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/06/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/0a/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/07/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/01/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/03/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/x/00/14	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/picto	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/stars	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/cond	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/banr	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img/tab	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/css	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/img	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/	1969-12-31 23:59:59	Name: libex_welcome_here2 Value: 1111111
www.libex.ru/	1970-01-20 07:35:29	Name: libex_uid Value: 303171363076141
.libex.ru/	1970-01-20 16:28:17	Name: __utma Value: 231513346.1712458961.1637825895.1637825895.1637825895.1
.libex.ru/	1970-01-19 22:57:07	Name: __utmb Value: 231513346
.libex.ru/	1969-12-31 23:59:59	Name: __utmc Value: 231513346
.libex.ru/	1970-01-20 03:19:53	Name: __utmz Value: 231513346.1637825895.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.rambler.ru/	1970-01-25 20:05:16	Name: ruid Value: 1CIAAGY9n2H3pucjAQmPYgB=
.yadro.ru/	1970-01-20 07:42:03	Name: FTID Value: 1Xdprc3MXJeC1Xdprc00012Q
.yandex.ru/	1970-01-20 16:28:17	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:28:17	Name: is_gdpr_b Value: COC+ehD6UhgB
.yandex.ru/	1970-01-20 16:28:17	Name: i Value: INrmXGqR3s0fRtOWJTdPN6Ge3Qs3vHOrEv5deFggaqCyZklfMaQXd4ruXT/blAqGJl82iQJ2X7LFNtaUdV/zjcQ2b28=
.yadro.ru/	1970-01-20 07:42:03	Name: VID Value: 0bk2-_1a1XeC1Xdprc000H2Z
.mail.ru/	1970-01-20 07:44:08	Name: VID Value: 3xebA_1w1zI600000X12H426:::0-0-0-6b99627:CAASEMpmYW-fREVVAnR35Orqk-caYMqmElcf5SjnAnh68ExsU9kI8TgHzYkGCQT40U3KpHmZgkejqdcJCCq2EOJwPeG_eFEH-2P4M7tREklLvrYNr4rpUmCjHHekw7Wli0RXYo65hZiSiJR6bUll4hqxklehcw
.libex.ru/	1970-01-20 08:18:41	Name: __gads Value: ID=6e2e728bb5a576ca-221e316df6cb0032:T=1637825894:S=ALNI_MYVzx_tcBI4INRdWYtK2GN0b-FFZw
.doubleclick.net/	1970-01-20 08:18:41	Name: IDE Value: AHWqTUlvcnlgkvKQLQhTWGZv_PERXFNB0njY3rBESJA-5bnbcavSMTRVOWEHcbasC6Q
.mathtag.com/	1970-01-20 07:42:41	Name: uuid Value: 4f77619f-3d67-4b01-b206-e1562d0eec08
.redintelligence.net/	1970-01-20 01:06:41	Name: 8lcfmzhxc8d6_uid Value: c0a72ed1bf4fabcb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/dc5941a1-fd7b-4111-9b25-21967d46ba5e Message: Mixed Content: The page at 'blob:https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/dc5941a1-fd7b-4111-9b25-21967d46ba5e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/dc5941a1-fd7b-4111-9b25-21967d46ba5e Message: Mixed Content: The page at 'blob:https://042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com/dc5941a1-fd7b-4111-9b25-21967d46ba5e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

042be3151eccdfb74e2197a7eea28648.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.contentspread.net
counter.rambler.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
hal9000.redintelligence.net
hal900020.redintelligence.net
libex.ru
pagead2.googlesyndication.com
pixel.mathtag.com
s.update.mediamathtag.com
securepubads.g.doubleclick.net
tags.mathtag.com
top-fwz1.mail.ru
top.list.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.libex.ru
www.yandex.ru
104.248.135.5
138.201.84.244
142.250.186.98
178.63.52.121
18.203.144.158
185.29.132.246
2.18.233.201
217.69.133.145
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a02:6b8:a::a
81.19.89.17
85.114.131.234
88.212.201.216
00f637fdf5073a9d8858342ad672ba9798a462e414e2e08a063760d61797ba0c
08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
130d5a351f8f72f283892daea22cb7c1859313f8b92bd8621c93786a1713f872
1583fb7817988575511b01b948a3e95250d8e6411bba9c9133ab84771a5685ba
1617c7d6cf8b704b3679b2a83ddf1be7f291da6e1553d4df91e2880417619ea9
172acf57e2333a696bdef4d875f4fe1e5e64a669d1dbf9222e2087170a640c4a
1a640c8c84930899dcf14f5ad006f893f2989b68ecf5c80b13ede84eba8239f9
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
266542a61a0a17599ebe8801d2b20ff922807cc83b6dc37f263bcb1db7a43016
2c741bb10ecf08bb819722f64d86cc25caf2201940db59372536f93793145098
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31746014726c31b5b5c5471f2cb46bf4c5db28453d393124782169f8c755bb42
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37f9ae32b9eaeb39a71382943d255d9a1160cf088206d6f43635aef12d32b569
3b769d35aad58b7bc6f187a679b4b7708392233a835f55d0d891c5b1698d1707
3edd331bc52584dc8854429bb24c778e83cd761f3f71eb2139198a47789b40cd
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
49560c2f72a1a58e2a28f837bad995c48c297d245d8e489ec2269845b61b78d9
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51658e4fff7aebf109d33c5848fed186c98fedc0504d85a18e6350f50d4a3f12
5a461892414317c65bc37362f6129dc196b00298902fe588aef956abab9145c0
60b72cbe87c0e474e33b94e883883a4924354a8d58f812dfb369c91d53a459fb
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
67c2655f511133f2f873673ab0803f9774917b8f32a990ba15be5570a082870b
690edd010614eaba4d341e0f2b1bc144ff147a75988f098fbbec0820c5f203b5
6bd671327f22b1c4adf10447001870b86b7d1b578b54ad9a7e49deef6e6fce53
7154edfdfcd8ab887629e3e2a351cf370aa98dfcb7102041a9412dadbf3bd824
79ad656c24ca76ac29e60d7bb8ada3fd67bc18f6dabd5617e171d1637e30514a
7b1af95e282c7d0dd2d81c4801c18e6831c61830c132b854902462c0bd2b9055
7c376546f8480ecf2bfe7c26e9f1f0feff2a658ba041a505ab0dfd0228dcc26c
7c4c3e00d893fc7c29275839521e3711a62de78ccd13dfc93500cb713f4f4d8d
8121c39b04896e0e8074b72933cf5420a4d5565d9dfb3e571b366608e9cfb581
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
849c36934f765db7b28f9f3f9e0f05d5a5f70337d313bfc4f2d4a14a2c9e5e40
876eb7ece0096a6fdbedf6d83df7eb541fb97530315b68cf4ab1496d27068edd
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bae061b92d562b9458ba47a41a284d43474516f6edd4da6887c9f7658311b77
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
93d5de5fa82cc570d05d70bf20e58ac80f02b44f405e6ca7579f872d36572052
96a3e1107dca3496749599252590347c10b81b4856b876cf3ecc60d72a239772
98345fa5d70fd205c2cba5aeee8013fbb9978a5a43255c610b675e087066800b
a3f62bfb7d9a1975d55a4ca8d235aaf59b104fa9748ad644a798cc8dbc20d828
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8a8e1463c4c788a1666afb40723fdfbc1aad5e8accaef9b187c3c3f46ee82b7
a93d9e265b438372ffd7f52918b7e22289ce3305fc81ed4b487ad19d192534a8
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
aebe5186d868bad2db62bebd12b517866e6295a1a263c4c525ec40363dc6c7c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42fa081275ba14ffa76fe75a5386e1b6c89166ba8d9a030962904e51dc68a9d
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b719227b172c6542a982928920f58916bbc31bd938362ac9195486da42a4ec1a
ba49edc4a6d0d00b50613429f8374debce302127856deef8193b2f374b68c6a0
bd134a7b5ea2f27c033f1d50852d282a8f0afdbd02e610cba49356503fbbcadc
c1776ca309ba8aa889cab874fe5a64f4ec2a76bc2df9a1270dbecffbaef3d264
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
ca6efa01ced13ca360dbdc9bbfedd6f6704f8d1a16eb03f669e1003b475f9ecb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2e00df393ef39b282bb6c23a0176342b9938234c85438d9b9f55046d41e3ab9
d48aead47833d1331a49404563cdcada75e73ca381a701a7ae05936e801dedc3
d75b2d402682465c5c1b962b98d36c6b174d0e29bceee295ff3c77d233c384f0
da6b4a6c14ae46bf7c749e7798c1058f5c9f194c35ede1c381db964083869481
db3e5b773272fd34cc73fc58fbeacf8dff0becf1bf88279164802c498476f3a9
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
deede24c8554cb46a5e100ef38c2948976c6ff1f3f2a653d8b40504c3bfb0c2e
e0c829acbda91088b85e768076245956a8aa2f08c8069507eff16c0375384590
e2ca989f07e64cfdef3aeab23cf82445e74a7d13ab168ae7e6ec3e9a73ee05a0
e364c7034863dd84d090a335a4cc45ac657490bd39f5174d275ae5682914b632
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e533e03ed9a3fcf8dc4ae47cda9744f79366cb89e7dab662ad7c9a6bbabaa876
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ebc6196bdd87d61f259f45cf2245fa9367a0f402578391eaa4546e9f32204d35
eebbfb0ef700f93ee1b4db39d4eefd1f8f5ebf6dbb6c5c469319f94bf9e875d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f757a0a09d413f412148abe822ba28df2ea4be9bef73fa4541aba1ebaa58ba6c
f9fdf65f6eb89ccf163edaa49a19027a9481b324b09d0c964fc33f5c981e4a95

www.libex.ru Open in urlscan Pro 104.248.135.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

105 Requests

55 %HTTPS

50 %IPv6

18 Domains

25 Subdomains

24 IPs

5 Countries

710 kBTransfer

1474 kBSize

33 Cookies

2 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.libex.ru Open in urlscan Pro
104.248.135.5 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

55 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

24
IPs

5
Countries

710 kB
Transfer

1474 kB
Size

33
Cookies

105 HTTP transactions
4 data transactions