choice-helper.com Open in urlscan Pro
2606:4700:3032::ac43:a083 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://choice-helper.com/
Submission Tags: falconsandbox
Submission: On October 23 via api (October 23rd 2020, 3:28:52 pm UTC) from US

Summary HTTP 68 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3032::ac43:a083, located in United States and belongs to CLOUDFLARENET, US. The main domain is choice-helper.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.

This is the only time choice-helper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3032::ac43:a083	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6c00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
5	139.162.151.130 139.162.151.130	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2600:9000:20e... 2600:9000:20eb:b600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:209... 2600:9000:2093:7c00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	3.121.118.243 3.121.118.243	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	3.226.37.37 3.226.37.37	14618 (AMAZON-AES) (AMAZON-AES)
13	2600:9000:215... 2600:9000:2156:a600:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
68	18

18 2606:4700:3032::ac43:a083 (United States)

ASN13335 (CLOUDFLARENET, US)

choice-helper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6c00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.151.130 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru

media.reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tab.reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
reformal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2093:7c00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.118.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-118-243.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.37.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-37-37.compute-1.amazonaws.com

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2156:a600:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	choice-helper.com choice-helper.com	290 KB
17	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com	48 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	86 B
6	yandex.ru 1 redirects mc.yandex.ru	98 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
5	reformal.ru media.reformal.ru tab.reformal.ru log.reformal.ru reformal.ru	13 KB
3	google-analytics.com www.google-analytics.com	19 KB
1	rambler.ru kraken.rambler.ru	1 KB
1	consensu.org c.sharethis.mgr.consensu.org
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	316 B
1	googleadservices.com partner.googleadservices.com	632 B
1	top100.ru st.top100.ru	21 KB
68	14

	Domain	Requested by
18	choice-helper.com	choice-helper.com
13	platform-cdn.sharethis.com	choice-helper.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	mc.yandex.ru	1 redirects choice-helper.com mc.yandex.ru
4	pagead2.googlesyndication.com	choice-helper.com pagead2.googlesyndication.com
3	www.google-analytics.com	choice-helper.com www.google-analytics.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	media.reformal.ru	choice-helper.com
1	kraken.rambler.ru	choice-helper.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	reformal.ru	choice-helper.com
1	log.reformal.ru	choice-helper.com
1	tab.reformal.ru	choice-helper.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	platform-api.sharethis.com	choice-helper.com
1	st.top100.ru	choice-helper.com
68	23

This site contains links to these domains. Also see Links.

Domain
choice-helper.reformal.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.top100.ru RapidSSL RSA CA 2018	`2019-02-07` - `2021-03-08`	2 years	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.reformal.ru Let's Encrypt Authority X3	`2020-09-29` - `2020-12-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.rambler.ru RapidSSL RSA CA 2018	`2019-04-15` - `2021-06-13`	2 years	crt.sh

This page contains 9 frames:

Primary Page: https://choice-helper.com/
Frame ID: FADF626864B1702737F882553FCC7D06
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201020/r20190131/zrt_lookup.html
Frame ID: 20EF4AE6F202D091D2FD9E6D994F84F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&adk=1812271804&adf=3025194257&lmt=1603466914&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fchoice-helper.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914767&bpp=12&bdt=87&idt=117&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3812097662232&frm=20&pv=2&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=133292&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
Frame ID: 805BF93BE279A494D1E5A5A271FA00D5
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 50ADB9B1132993368674180003116BA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=280&slotname=2912964457&adk=73486025&adf=4283947098&pi=t.ma~as.2912964457&w=1200&fwrn=4&fwrnh=100&lmt=1603466914&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914787&bpp=7&bdt=106&idt=123&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=E7WDAyflda&p=https%3A//choice-helper.com&dtd=130
Frame ID: 1D8B1100FBFDCD2754DED9479D9C2AD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=600&slotname=9290697700&adk=1715906585&adf=9752778&pi=t.ma~as.9290697700&w=237&fwrn=4&fwrnh=100&lmt=1603466915&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=237x600&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914794&bpp=1&bdt=114&idt=206&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YCMa4DvFmV&p=https%3A//choice-helper.com&dtd=209
Frame ID: D94270CFC44EE0EB59CD3C4699353F17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=600&slotname=6432484107&adk=3236624214&adf=3310008130&pi=t.ma~as.6432484107&w=160&lmt=1603466915&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914838&bpp=1&bdt=158&idt=188&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C237x600&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1348&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vrJTKXioH4&p=https%3A//choice-helper.com&dtd=191
Frame ID: 1B60D3B8284046BEEA7FB138773C4953
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=280&slotname=5240525149&adk=3089360894&adf=2469108229&pi=t.ma~as.5240525149&w=1200&fwrn=4&fwrnh=100&lmt=1603466915&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914840&bpp=1&bdt=160&idt=193&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C237x600%2C160x600&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ik1t7bRw1s&p=https%3A//choice-helper.com&dtd=196
Frame ID: 747CCBC701AED469849027A1EF77BDF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: E5A3E754B8EF8CA296E7AF47669F09AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

68
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

23
Subdomains

18
IPs

4
Countries

662 kB
Transfer

1625 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://choice-helper.reformal.ru/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://mc.yandex.ru/watch/21923257?wmode=7&page-url=https%3A%2F%2Fchoice-helper.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603466914201%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201023172834%3Aet%3A1603466915%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A309231576770%3Arqn%3A1%3Arn%3A601212130%3Ahid%3A916118775%3Ads%3A15%2C20%2C439%2C108%2C1%2C0%2C0%2C183%2C0%2C%2C%2C%2C662%3Afp%3A559%3Awn%3A24517%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603466915%3Au%3A160346691549241986%3At%3AThe%20Choice%20is%20Over HTTP 302
https://mc.yandex.ru/watch/21923257/1?wmode=7&page-url=https%3A%2F%2Fchoice-helper.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603466914201%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201023172834%3Aet%3A1603466915%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A309231576770%3Arqn%3A1%3Arn%3A601212130%3Ahid%3A916118775%3Ads%3A15%2C20%2C439%2C108%2C1%2C0%2C0%2C183%2C0%2C%2C%2C%2C662%3Afp%3A559%3Awn%3A24517%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603466915%3Au%3A160346691549241986%3At%3AThe%20Choice%20is%20Over

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
choice-helper.com/ 20 KB
6 KB 475ms
438ms Document
text/html 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d36cb3679e3d4b7d55a7ad8104327bdc27e03bbc08c470d6f960a9794fff50b

Request headers

:method: GET
:authority: choice-helper.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 23 Oct 2020 15:28:34 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d4d854a2a7c1fdf8faaedc7d1ce24b8a41603466914; expires=Sun, 22-Nov-20 15:28:34 GMT; path=/; domain=.choice-helper.com; HttpOnly; SameSite=Lax JSESSIONID=A0B8FDDF773068A6C24D4B40395F104E; Path=/; Secure; HttpOnly
x-rate-limit-remaining: 19
content-language: en-US
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 05f7ac81c10000c2bd2ca33000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MxC7KUt19N0FQwH8d%2B9FsYdZYa927tAuzGA46yf8CYrWadvXlqCuahA7ekFQR%2FHEFp1%2Fe0Wnrh0wOAlZrVYT8bMUZJ1uPUV7a0SfeJBvbuH7vfUAd9bIoc15dCY0aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e6c7d160a80c2bd-FRA
content-encoding: br

GET
H2 200 application-e803bb5551bdf187cf806e6b273fdcba.css
choice-helper.com/assets/ 148 KB
19 KB 31ms
29ms Stylesheet
text/css 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://choice-helper.com/assets/application-e803bb5551bdf187cf806e6b273fdcba.css
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74263c5ff480fb69e468c5827cb217f6b06259d3217bed4276bbc1f7249e691

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935367
status: 200
content-encoding: br
cf-request-id: 05f7ac83870000c2bdff888000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: W/"application-e803bb5551bdf187cf806e6b273fdcba.css"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pi1MXRiVrSlTxe2ml2Xr%2BkhmjgBj8fzDxoHkUgslzoaq1sfoBYaxVdS8ptTVjFfYVfnZ%2Bsnuu5Q%2FQdngIsova%2F1A4XfeLUOsRRvYmUwrV49wdBbF47okBTANMlwAiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 5e6c7d18dfebc2bd-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
46 KB 41ms
22ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b85175a566721e3ff13c5a145de9d972552c4cbb5976bb5d12f8d786503ce956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45779
x-xss-protection: 0
server: cafe
etag: 1171751171436099258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Oct 2020 15:28:34 GMT

GET
H2 200 clover_w19h17-0e210800ec53d38c6179e7715902026d.png
choice-helper.com/assets/ 4 KB
4 KB 32ms
31ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/clover_w19h17-0e210800ec53d38c6179e7715902026d.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b357154a81f4989c806d9d5b341e2f6b33bec4192257f12df3bf8a66916cbff2

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 602303
status: 200
content-length: 3753
cf-request-id: 05f7ac83870000c2bdd18d3000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "clover_w19h17-0e210800ec53d38c6179e7715902026d.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kW7QVgXWuyTfgd73K5pTHZNVnEv1WEDATVD0M90ZbLfvcDsoPUseuv5oLCOFxgwrlJ2VHP5Nbwp1LXX%2FSJ8s4PlA1OaXKLqXrj20zKoiMd0wnnCygKzYZOgmejdPTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dfecc2bd-FRA

GET
H2 200 question_coin_w17h17-3b820aec541d3a6cf08254d814becbaa.png
choice-helper.com/assets/coins/ 3 KB
4 KB 28ms
27ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/coins/question_coin_w17h17-3b820aec541d3a6cf08254d814becbaa.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc846dda7b56996354d225a37701a4fc9f80ea1f32a58cb24f8541de5b300c1d

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935366
status: 200
content-length: 3567
cf-request-id: 05f7ac83870000c2bdcc0ed000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "coins/question_coin_w17h17-3b820aec541d3a6cf08254d814becbaa.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oMe%2BNjVmzcvDJfY7qNQXXkPOhZOySlAo9B7E%2FioKIFoV3e%2F85NLMUBoKUyF6ICjna8Yf%2FCQHIMKjvENByvOLM13mzdwim4NjHfD97U0nIzQbumTWWvB%2B8DM7i%2FaJyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dfefc2bd-FRA

GET
H2 200 question_mark_icon_w17h17-fd2e669b177149c1a8847448b0527646.png
choice-helper.com/assets/answerer/ 3 KB
4 KB 26ms
25ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/answerer/question_mark_icon_w17h17-fd2e669b177149c1a8847448b0527646.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5adb289c961012adc0a1875c9b6a3a2f28986c9a0441c8bf82db7fcd12c29208

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935366
status: 200
content-length: 3311
cf-request-id: 05f7ac83870000c2bdef829000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "answerer/question_mark_icon_w17h17-fd2e669b177149c1a8847448b0527646.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=85cENEY1Cx%2F5qMybD55Xjk6qyNGULWaoH0SZM3CozWqlQ5vGkttioe4JXzbIo4W2r5%2BFyAFOz9jjwIyDQ7hqT3VCJrp8OANbNDgT2JwZgol9p911GQA8P9raXNaHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dff1c2bd-FRA

GET
H2 200 die1_w16h17-503fb9e17fcd03758ca3a1e151622f40.png
choice-helper.com/assets/dices/ 4 KB
4 KB 24ms
23ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/dices/die1_w16h17-503fb9e17fcd03758ca3a1e151622f40.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e56ede68567cdb2df301ed77a77477c74826b610d02a17453cd5e2f2345d5c

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935366
status: 200
content-length: 3711
cf-request-id: 05f7ac83870000c2bdce27a000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "dices/die1_w16h17-503fb9e17fcd03758ca3a1e151622f40.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ff8jLnJ8SP%2B%2FJVGN0xe0AxCyrCwz6SzsPNacjfIQN5sJx1XakvF0ZPpxY6x0XFdDOQwH%2FvYhNJel3zrsxahjjbGeSzrtT%2BZZ4wTMIq7M7CChRlp8uh1GsxblBuQgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dff3c2bd-FRA

GET
H2 200 wheel_icon_w17h17-e864ca732267f0f94b68ed4a22d26a9e.png
choice-helper.com/assets/wheels_of_fortune/ 4 KB
4 KB 24ms
23ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/wheels_of_fortune/wheel_icon_w17h17-e864ca732267f0f94b68ed4a22d26a9e.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 063b50960bf58cd1e529018b7f3663ce7401187fcbd1db74850e5514acd66d60

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 602303
status: 200
content-length: 3827
cf-request-id: 05f7ac83880000c2bd2ca51000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "wheels_of_fortune/wheel_icon_w17h17-e864ca732267f0f94b68ed4a22d26a9e.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uJL6GYlR0DepzIFwrOYdrJ1CeyY%2F2tYyakz8DcJ6%2F2zztOAAsYzRBmmTEzpKycPN7t7LLmZq9qUhD2%2Bs64cIwgz04hOo6EJzR82VPYYoLT%2BjT0ToGx5bS0wHiqJzBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dff4c2bd-FRA

GET
H2 200 matchstick_icon_h17-313396eee153066063ec345c607ba6b2.png
choice-helper.com/assets/draw_lots/ 3 KB
4 KB 24ms
23ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/draw_lots/matchstick_icon_h17-313396eee153066063ec345c607ba6b2.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88bd7c6ac5412da291b23af59ef372e445cc4eaa7bbc501225bdec1d28f4f05

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935366
status: 200
content-length: 3356
cf-request-id: 05f7ac838b0000c2bdc73ce000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "draw_lots/matchstick_icon_h17-313396eee153066063ec345c607ba6b2.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UQ0luD8arNWGfXszgaE5jYWIHT5gBDvI3teFuPtARX4D2zufeLujcjNZUtC%2BVDTJejS3FF8obQAFbFLjNtW66fxCJWeBBKdnwiLw8OHiKfzr2BUsQUmbarQylN8AXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dff6c2bd-FRA

GET
H2 200 gift-084748f477153f32eccd3f1dafcd214b.png
choice-helper.com/assets/giveaway/ 1 KB
2 KB 19ms
18ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/giveaway/gift-084748f477153f32eccd3f1dafcd214b.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30bf612fb6cc5a1e73f6dce5106acda0df7edf24c0e54333ec7337dbfa734223

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935366
status: 200
content-length: 1373
cf-request-id: 05f7ac83880000c2bd1e923000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "giveaway/gift-084748f477153f32eccd3f1dafcd214b.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RFe5TC65HCt7JV8ar2sHyUxSG%2FCekVoqb%2B16p369flILzPugIrSg8f0ZKNLBwUpY0ggiyDNudR2WYdsvQqxGyGT%2Fh5veYxQJCMWDfDfEDEN5w7IZ9DCzUBGSaJeI3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dffac2bd-FRA

GET
H2 200 gb-0894999b108830afc0733ee7b6e08310.png
choice-helper.com/assets/flags/png/ 599 B
1 KB 22ms
21ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/flags/png/gb-0894999b108830afc0733ee7b6e08310.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2935366
status: 200
content-length: 599
cf-request-id: 05f7ac83890000c2bd29a8e000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "flags/png/gb-0894999b108830afc0733ee7b6e08310.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4HGXDBm%2FKVtyEzmwtsZPg9Xxct5r8bu3xn6k6aTdpE9MFGk5pY0w3cFTC4fFny14NCRWQsSWDRKAT9wbcHGnWnS%2FnJa%2B1dxTzQO4SpHhk2jsIHMiEWcvNumpLBDWWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dffcc2bd-FRA

GET
H2 200 ru-0d31ef75adef220e73f0cb93a84a7422.png
choice-helper.com/assets/flags/png/ 420 B
760 B 20ms
20ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/flags/png/ru-0d31ef75adef220e73f0cb93a84a7422.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1312805
status: 200
content-length: 420
cf-request-id: 05f7ac83890000c2bdfc10e000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "flags/png/ru-0d31ef75adef220e73f0cb93a84a7422.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cDtwNr3I1v2emOYUn0c848GTOgrpSxMRIJGpXxzA5rbeNYuMWJ48RiGEuSONmRIzVCUdch%2BQRM2NfOTBqgIRqKw8WFtJST5NJSGFaIlOEA1%2BDIO4B3X4pEu%2BF3UlFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d18dffec2bd-FRA

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 45ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:34 GMT
Content-Encoding: br
Last-Modified: Mon, 19 Oct 2020 16:14:08 GMT
ETag: "5f75f273-175fc"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 95740
Expires: Fri, 23 Oct 2020 16:28:34 GMT

GET
H/1.1 200
OK top100.js Show response
st.top100.ru/top100/ 60 KB
21 KB 372ms
172ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.17.9 /
Resource Hash: fb0601da73f3d87bf5853b84a3697b22e6f08c4c076d6a769dfab189f6d72947

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jan 2020 17:53:36 GMT
Server: nginx/1.17.9
ETag: W/"5e20a320-efdd"
Vary: Accept-Encoding
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Fri, 23 Oct 2020 16:28:34 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/ 230 KB
87 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2c55955d03171c7071b0e78e295600a97262f07be41957088453a489acb1ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88435
x-xss-protection: 0
server: cafe
etag: 12352367861980758472
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Oct 2020 15:28:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201020/r20190131/ Frame 20EF 0
0 7ms
6ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201020/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 22 Oct 2020 23:42:08 GMT
expires: Thu, 05 Nov 2020 23:42:08 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 56786
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 question_coin_w200_h200-6326fe78fe23c4f86852be37fca165ca.png
choice-helper.com/assets/coins/ 32 KB
33 KB 20ms
16ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/coins/question_coin_w200_h200-6326fe78fe23c4f86852be37fca165ca.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44feae43d59b9226b9f2ced3d823fe55011cf41ff5ad34a9e3a87bf089170d1a

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 85683
status: 200
content-length: 33087
cf-request-id: 05f7ac83e90000c2bdea1fd000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "coins/question_coin_w200_h200-6326fe78fe23c4f86852be37fca165ca.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2cmD2BhJ2XmB3%2BHg19D9JmjDsKo6JoPfM4J7E%2BYCk083zcVYVbecS15PoBiBkzahWGP3NAgFizl6klLOv9HzKyc913KVBPAszQv5CDYJuWrvKZd059g%2BsgovHDMRjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d197931c2bd-FRA

GET
H2 200 dice-white-en-7-df80c4c8d01815015ad17b819b6ddc1e.png
choice-helper.com/assets/answerer/ 5 KB
5 KB 428ms
425ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/answerer/dice-white-en-7-df80c4c8d01815015ad17b819b6ddc1e.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5d6dc83e5194ffc981df1537103d747937f982aff40b6e0f03aec9329d3684

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 5208
cf-request-id: 05f7ac83e90000c2bdff88f000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "answerer/dice-white-en-7-df80c4c8d01815015ad17b819b6ddc1e.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FkWIDqWJNztySflJQhsVzbT78aEWhk6BGfHDTIpfo6IF1BfbAgtek0pY3NAIlIziFRS4xQby66Ht28IWA%2FP5ChfuhChn5CmnpscNDNSJInVx0etmkzE7B%2F3L6vjBcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d197933c2bd-FRA

GET
H2 200 two_white_dices_h200-e81e169e954ca6f405af0e49f05cee2a.png
choice-helper.com/assets/dices/ 27 KB
28 KB 612ms
608ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/dices/two_white_dices_h200-e81e169e954ca6f405af0e49f05cee2a.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df73b7bc5b4e3f7a82443822c230036f9b15c3bbf9370a0454fecb37ad36aaff

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 28002
cf-request-id: 05f7ac83ea0000c2bd42803000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "dices/two_white_dices_h200-e81e169e954ca6f405af0e49f05cee2a.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4fTjQg7R44i7D9XYIMh%2BrvFy47SegFvwErjHcYqW%2FwVCCgeeIuoyrCYnlGP9gF3rZliYsi7WaHD5sHEDbawwt0fl0C15%2BiFsK2ZWBwAC%2FvL7y3qjB%2B4I9uOp7FRPeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d197934c2bd-FRA

GET
H2 200 wheel_of_fortune_logo_08678_h200-ea9d319d939f89a8bd1b77e2c3a1bd39.png
choice-helper.com/assets/wheels_of_fortune/ 88 KB
88 KB 20ms
17ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/wheels_of_fortune/wheel_of_fortune_logo_08678_h200-ea9d319d939f89a8bd1b77e2c3a1bd39.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5be34e4db57c855658f1d7a1e4fa4d0d1cf2425d4065bce7be903e9a129a8ee

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 85683
status: 200
content-length: 89988
cf-request-id: 05f7ac83ea0000c2bd2ca5b000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "wheels_of_fortune/wheel_of_fortune_logo_08678_h200-ea9d319d939f89a8bd1b77e2c3a1bd39.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dP2QBo8z6JcIAmPPAEoXzsoK73wp5OcUAQK0qI%2FMN0rAwl0b27utmdY%2F6av%2F9fUBnkjKYM9fi5yyrtZ7uiLh9PTUHsc75SG8t5NE8akXOmzvOLV9igFdQk5bX4otHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d197937c2bd-FRA

GET
H2 200 zhrebij_h200-246af271e08254be3afef1b50ffaee51.png
choice-helper.com/assets/draw_lots/ 32 KB
32 KB 506ms
503ms Image
image/png 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choice-helper.com/assets/draw_lots/zhrebij_h200-246af271e08254be3afef1b50ffaee51.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f83aa7175a3030f455a88c1ab6d82a080e87635d72e8a032eb2173d6ff6516c2

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:35 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 32376
cf-request-id: 05f7ac83ea0000c2bdeba2f000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: "draw_lots/zhrebij_h200-246af271e08254be3afef1b50ffaee51.png"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t1T5rxHX6ztlhgNxnGpp3CYoWi6JRnt4%2FjXdVyaIpI2c2uJbo3IyEvIaTbFd1CpggCqn5zZL%2FFlzY9dpidEgreY8fYlJEYDg3rRaH%2F%2FozP%2BSgdhTOR%2B1aSmyDOJXhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png;charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e6c7d197939c2bd-FRA

GET
H2 200 email-decode.min.js Show response
choice-helper.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 12ms
9ms Script
application/javascript 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://choice-helper.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05f7ac83e80000c2bd24816000000001
last-modified: Wed, 21 Oct 2020 15:36:27 GMT
server: cloudflare
etag: W/"5f90557b-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pEb9KaIfYmnv%2FvgqibT9FGoGdZeOUzIQ6PVnxApF2lAF%2FPJ4Bf9fuQvCk5%2FnNK9R%2BSQhJGzMFd01etgw8aDUbdVLKDqUcIPXLFYE8AtwQfbiNXjZ%2BRbltDaqRU9fmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5e6c7d197929c2bd-FRA
expires: Sun, 25 Oct 2020 15:28:34 GMT

GET
H2 200 application-439fe0a44219640a856a1d331341c3ec.js Show response
choice-helper.com/assets/ 178 KB
51 KB 28ms
25ms Script
application/javascript 2606:4700:3032::ac43:a083
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://choice-helper.com/assets/application-439fe0a44219640a856a1d331341c3ec.js
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9253c84f0eb09d8a4a71b5d4bd953ad521911cb3311a77b4fde1a2a808917fe5

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2618560
status: 200
content-encoding: br
cf-request-id: 05f7ac83eb0000c2bd028d2000000001
last-modified: Tue, 01 Sep 2020 20:45:54 GMT
server: cloudflare
etag: W/"application-439fe0a44219640a856a1d331341c3ec.js"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gZSzuFbGq9hTWpRdznpN7ZyiI9VK7JP5P7U3VN%2Fk6WlnFYJt%2FWqox6L2ysp412Ec6%2BUaVhKvbGjKhPMIWQXL4hr0deCx%2FXDLRH6dQkNFMUkl7TL34y8fAvoBJmRisg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 5e6c7d19792fc2bd-FRA

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 99 KB
31 KB 26ms
9ms Script
text/javascript 2600:9000:2156:6c00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca435c33acbc343c9a3db08401ea0b95c724474a8deea44bb6cce17b005739a9

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:25:54 GMT
content-encoding: gzip
age: 160
etag: W/"18c2e-6rpOsMxFDVyDuEwBnEXQU9fd1Kk"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
status: 200
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bon_hgaMCGBzmnYQNPWxPf7tCMOR2VkxBhZuzQoFxvVHTbthjud7fw==
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
632 B 155ms
55ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=choice-helper.com&callback=_gfp_s_&client=ca-pub-1829566126570248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

5e81f4f6668106e90488db787aee3851283bc7deb1c88eca718f7cd0ec5c0c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 766
date: Fri, 23 Oct 2020 15:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 23 Oct 2020 17:15:48 GMT

GET
H/1.1 200
OK reformal.js Show response
media.reformal.ru/widgets/v3/ 15 KB
5 KB 142ms
48ms Script
application/x-javascript 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://media.reformal.ru/widgets/v3/reformal.js
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: reformal.ru
Software: nginx/1.16.1 /
Resource Hash: 1a7323caffa56f81335acbce8066c1154d23666a2fb3fc7049c22a41c8e12f00

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Server: nginx/1.16.1
ETag: W/"57208bb3-3b0d"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5dd03454cc936d0012fef77b.js Show response
buttons-config.sharethis.com/js/ 1 KB
978 B 34ms
10ms Script
text/javascript 2600:9000:20eb:b600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5dd03454cc936d0012fef77b.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:b600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1207dac904e57c9d08909c12776730ff147421bff8a8b2d3686df47ac1db4fb8

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:20 GMT
content-encoding: gzip
etag: "70f47570f095d6dfe8afaed77b24d2c4"
last-modified: Tue, 02 Jun 2020 23:08:08 GMT
server: AmazonS3
age: 27
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: CbPOn4LdbT3NcMUPiYyYxrDlefP4Rp2QxiLy9cKIEmmSK-ABXMFjVw==
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
316 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=choice-helper.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=choice-helper.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 805B 0
0 73ms
72ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&adk=1812271804&adf=3025194257&lmt=1603466914&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fchoice-helper.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914767&bpp=12&bdt=87&idt=117&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3812097662232&frm=20&pv=2&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=133292&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1829566126570248&output=html&adk=1812271804&adf=3025194257&lmt=1603466914&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fchoice-helper.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914767&bpp=12&bdt=87&idt=117&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3812097662232&frm=20&pv=2&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=133292&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Oct 2020 15:28:34 GMT
server: cafe
content-length: 682
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Oct-2020 15:43:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Oct 2020 15:28:34 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603280362352039"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27607
x-xss-protection: 0
expires: Fri, 23 Oct 2020 15:28:34 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 50AD 0
0 49ms
14ms Document
text/html 2600:9000:2093:7c00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:7c00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 18:27:43 GMT
cache-control: max-age=3600, public
date: Fri, 23 Oct 2020 14:38:06 GMT
etag: W/"83a-174e56b8518"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: J86SpMJ-KBmLvX9MreFXnTZLKfLyJDhvGFp1ZGg9tzdvXaz35zuf7A==
age: 3028

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1D8B 0
0 402ms
401ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=280&slotname=2912964457&adk=73486025&adf=4283947098&pi=t.ma~as.2912964457&w=1200&fwrn=4&fwrnh=100&lmt=1603466914&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914787&bpp=7&bdt=106&idt=123&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=E7WDAyflda&p=https%3A//choice-helper.com&dtd=130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1829566126570248&output=html&h=280&slotname=2912964457&adk=73486025&adf=4283947098&pi=t.ma~as.2912964457&w=1200&fwrn=4&fwrnh=100&lmt=1603466914&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914787&bpp=7&bdt=106&idt=123&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=E7WDAyflda&p=https%3A//choice-helper.com&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Oct 2020 15:28:35 GMT
server: cafe
content-length: 23753
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Oct-2020 15:43:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Oct 2020 15:28:35 GMT
cache-control: private

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
887 B 7ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 14:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2221
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 23 Oct 2020 15:51:33 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/21923257/
Redirect Chain

https://mc.yandex.ru/watch/21923257?wmode=7&page-url=https%3A%2F%2Fchoice-helper.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603466914201%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136...
https://mc.yandex.ru/watch/21923257/1?wmode=7&page-url=https%3A%2F%2Fchoice-helper.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603466914201%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661...

167 B
674 B

48ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/21923257/1?wmode=7&page-url=https%3A%2F%2Fchoice-helper.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603466914201%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201023172834%3Aet%3A1603466915%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A309231576770%3Arqn%3A1%3Arn%3A601212130%3Ahid%3A916118775%3Ads%3A15%2C20%2C439%2C108%2C1%2C0%2C0%2C183%2C0%2C%2C%2C%2C662%3Afp%3A559%3Awn%3A24517%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603466915%3Au%3A160346691549241986%3At%3AThe%20Choice%20is%20Over

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

73fda73cae67ec0ab0b742c15d77874218ffc0afaea95581a011bc43749209a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Oct 2020 15:28:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23-Oct-2020 15:28:35 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://choice-helper.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 167
X-XSS-Protection: 1; mode=block
Expires: Fri, 23-Oct-2020 15:28:35 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Oct 2020 15:28:35 GMT
Last-Modified: Fri, 23-Oct-2020 15:28:35 GMT
Access-Control-Allow-Origin: https://choice-helper.com
Strict-Transport-Security: max-age=31536000
Location: /watch/21923257/1?wmode=7&page-url=https%3A%2F%2Fchoice-helper.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1603466914201%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201023172834%3Aet%3A1603466915%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A309231576770%3Arqn%3A1%3Arn%3A601212130%3Ahid%3A916118775%3Ads%3A15%2C20%2C439%2C108%2C1%2C0%2C0%2C183%2C0%2C%2C%2C%2C662%3Afp%3A559%3Awn%3A24517%3Ahl%3A2%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1603466915%3Au%3A160346691549241986%3At%3AThe%20Choice%20is%20Over
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 23-Oct-2020 15:28:35 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D942 0
0 379ms
378ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=600&slotname=9290697700&adk=1715906585&adf=9752778&pi=t.ma~as.9290697700&w=237&fwrn=4&fwrnh=100&lmt=1603466915&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=237x600&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914794&bpp=1&bdt=114&idt=206&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YCMa4DvFmV&p=https%3A//choice-helper.com&dtd=209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyzhN-Dy-wCFYvQEQgdJ4cDrQ&gqi=o_aSX6lt88Tv9Q-8zJqwCw&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1829566126570248&output=html&h=600&slotname=9290697700&adk=1715906585&adf=9752778&pi=t.ma~as.9290697700&w=237&fwrn=4&fwrnh=100&lmt=1603466915&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=237x600&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914794&bpp=1&bdt=114&idt=206&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=15&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YCMa4DvFmV&p=https%3A//choice-helper.com&dtd=209
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIyzhN-Dy-wCFYvQEQgdJ4cDrQ&gqi=o_aSX6lt88Tv9Q-8zJqwCw&layout=/pagead/gadgets/teracent_product_template_V1/arcadian_imgfit_nostars_300x600.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Oct 2020 15:28:35 GMT
server: cafe
content-length: 37451
x-xss-protection: 0
set-cookie: IDE=AHWqTUkJ6osTuYyUfkNT76hEHro51xexKUptVPflVMYmpVNXIfomOVzO_6flG5wP; expires=Wed, 17-Nov-2021 15:28:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Oct 2020 15:28:35 GMT
cache-control: private

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
339 B 267ms
67ms XHR
text/plain 3.121.118.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=choice-helper.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fchoice-helper.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=The%20Choice%20is%20Over&cms=unknown&publisher=5dd03454cc936d0012fef77b&sop=true&bsamesite=true&consentDomain=.consensu.org&consent_duration=130&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&version=st_sop.js&lang=en&description=Here%20you%20can%20have%20fun%20throwing%20a%20coin%20or%20dice%2C%20rotating%20the%20wheel%20of%20fortune%20(yes%20or%20no%20roulette)%2C%20testing%20luck%20in%20drawing%20lots%20or%20asking%20Answerer%20(Magic%20Ball)%20different%20questions.
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.118.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-118-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://choice-helper.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
379 B 54ms
54ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Last-Modified: Fri, 23 Oct 2020 09:46:29 GMT
ETag: "5f92a675-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 23 Oct 2020 16:28:35 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1B60 0
0 401ms
401ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=600&slotname=6432484107&adk=3236624214&adf=3310008130&pi=t.ma~as.6432484107&w=160&lmt=1603466915&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914838&bpp=1&bdt=158&idt=188&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C237x600&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1348&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vrJTKXioH4&p=https%3A//choice-helper.com&dtd=191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2724290228950344762/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2724290228950344762/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXXhd-Dy-wCFYvQEQgdJ4cDrQ&gqi=o_aSX4iyAoOR7_UPiO6uUA&layout=/sadbundle/%24csp%253Der3%24/2724290228950344762/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1829566126570248&output=html&h=600&slotname=6432484107&adk=3236624214&adf=3310008130&pi=t.ma~as.6432484107&w=160&lmt=1603466915&psa=0&guci=1.2.0.0.2.2.0.0&format=160x600&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914838&bpp=1&bdt=158&idt=188&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C237x600&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1348&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=vrJTKXioH4&p=https%3A//choice-helper.com&dtd=191
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2724290228950344762/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2724290228950344762/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXXhd-Dy-wCFYvQEQgdJ4cDrQ&gqi=o_aSX4iyAoOR7_UPiO6uUA&layout=/sadbundle/%24csp%253Der3%24/2724290228950344762/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Oct 2020 15:28:35 GMT
server: cafe
content-length: 31515
x-xss-protection: 0
set-cookie: IDE=AHWqTUnU5b2jJQfq1UBBjLqmX0zGKC7wdWqKkpWh1pwUtbMB9r15VT4uG7dCN6v5; expires=Wed, 17-Nov-2021 15:28:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Oct 2020 15:28:35 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 747C 0
0 336ms
336ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1829566126570248&output=html&h=280&slotname=5240525149&adk=3089360894&adf=2469108229&pi=t.ma~as.5240525149&w=1200&fwrn=4&fwrnh=100&lmt=1603466915&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914840&bpp=1&bdt=160&idt=193&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C237x600%2C160x600&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ik1t7bRw1s&p=https%3A//choice-helper.com&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1829566126570248&output=html&h=280&slotname=5240525149&adk=3089360894&adf=2469108229&pi=t.ma~as.5240525149&w=1200&fwrn=4&fwrnh=100&lmt=1603466915&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fchoice-helper.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603466914840&bpp=1&bdt=160&idt=193&shv=r20201020&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C237x600%2C160x600&nras=1&correlator=3812097662232&frm=20&pv=1&ga_vid=1026862832.1603466915&ga_sid=1603466915&ga_hid=274677001&ga_fc=0&iag=0&icsg=33687724&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065725&oid=3&pvsid=2142186999368085&pem=727&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Ik1t7bRw1s&p=https%3A//choice-helper.com&dtd=196
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Oct 2020 15:28:35 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUl4rNsPH4yBLJncbv5qUy3GPxPs98fmGc9Hsh8sbjWNoPxLAOvxNg6N3wtl; expires=Wed, 17-Nov-2021 15:28:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Oct 2020 15:28:35 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-46203792-1&cid=1026862832.1603466915&jid=2021470820&gjid=389967252&_gid=364374916.1603466915&_u=KChAgAAjAAAAAE~&z=460817896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Oct 2020 15:28:35 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://choice-helper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=274677001&t=pageview&_s=1&dl=https%3A%2F%2Fchoice-helper.com%2F&ul=en-us&de=UTF-8&dt=The%20Choice%20is%20Over&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAgAAj~&jid=2021470820&gjid=389967252&cid=1026862832.1603466915&tid=UA-46203792-1&_gid=364374916.1603466915&z=1422051580

Requested by

Host: choice-helper.com
URL: https://choice-helper.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 09:13:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22479
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tab.png
tab.reformal.ru/T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/FFFFFF/9c1f751cd883e990123aab292c606f93/bottom-left/1/ 7 KB
7 KB 146ms
48ms Image
image/png 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tab.reformal.ru/T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/FFFFFF/9c1f751cd883e990123aab292c606f93/bottom-left/1/tab.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: reformal.ru
Software: nginx/1.16.1 /
Resource Hash: 54222c04687e10232c2cff0f9b8fd7068da428afea05ff902b15b4df03089f34

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Last-Modified: Wed, 14 Oct 2020 14:28:58 GMT
Server: nginx/1.16.1
Content-Type: image/png
Cache-Control: max-age=864000
Connection: keep-alive
Content-Length: 6843
Expires: Mon, 02 Nov 2020 15:28:35 GMT

GET
H/1.1 200
OK st.php
log.reformal.ru/ 43 B
209 B 147ms
48ms Image
image/gif 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.reformal.ru/st.php?w=3&pid=815682
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: reformal.ru
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK 815682%7CaHR0cHM6Ly9jaG9pY2UtaGVscGVyLmNvbS8=%7C%7C80336
reformal.ru/human_check/ 43 B
279 B 146ms
47ms Image
image/gif 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reformal.ru/human_check/815682%7CaHR0cHM6Ly9jaG9pY2UtaGVscGVyLmNvbS8=%7C%7C80336
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: reformal.ru
Software: nginx/1.16.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Last-Modified: Fri, 20 Dec 2013 07:24:29 GMT
Server: nginx/1.16.1
ETag: "52b3f0ad-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK get_counts Show response
count-server.sharethis.com/v2.0/ 437 B
683 B 576ms
167ms Script
text/javascript 3.226.37.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=https%3A%2F%2Fchoice-helper.com%2F
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.37.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-37-37.compute-1.amazonaws.com
Software: / Express
Resource Hash: bd1b693d66cf9282edff3056eaa68e802cd1756db4cac39147d1f48a7f370fc2

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Cache-Control: public, max-age=900
ETag: e0054a57e9d39ba8340f7bfd4823b8ce
Connection: keep-alive
X-Powered-By: Express
Content-Length: 437
Content-Type: text/javascript; charset=utf-8

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
679 B 29ms
11ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 26 Sep 2020 08:05:06 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2359410
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: iMkw-58PQtxwvPuc7Z2yYmLDh5Q_Ckf7l8BSgFpPfpPDB6Ydeblu9g==

GET
H2 200 vk.svg
platform-cdn.sharethis.com/img/ 1 KB
972 B 29ms
11ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/vk.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ef80b9484ec57f96a4cfe363afe777cb54dd1deda8aae48c7394b8335bca048

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 17 Oct 2020 02:48:54 GMT
content-encoding: gzip
etag: "f238e4028c98d372f31a02eebee35a6f"
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 563982
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fcblL50zGksaNKvuhgF4J8toP7H-m8xXJJ0MfHWC5C6psJQu4v6mKw==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 29ms
11ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 16 Oct 2020 02:34:52 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 651224
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: 8Gw9ZSxZSEIWrObCRjdSYEQWkE5M-43K3ilBQ-PybUnXL-wYAKn01Q==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 29ms
11ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 06 Oct 2020 19:59:47 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1452529
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: MRR4nQuRYtsG9xKEo15gYKrYP0r8Z1XtvFjoP0euZUAEnGFe8-1eGw==

GET
H2 200 odnoklassniki.svg
platform-cdn.sharethis.com/img/ 808 B
1 KB 30ms
12ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/odnoklassniki.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9815fd90529b64be433499fdf1d1ba06aa1d1ec31ed86ef7a50641568350fda5

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 17 Oct 2020 15:51:58 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 516998
etag: "818d25af149279ba62acf8856a46772d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 808
x-amz-cf-id: SnfleakrG1i9ii30wdET5Hu1EDpRdy2eaAaDCZdzBUHj_yDHEiURMA==

GET
H2 200 mailru.svg
platform-cdn.sharethis.com/img/ 2 KB
1 KB 29ms
12ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/mailru.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 491e7312feab95e07fc8c206547777d233a4dde2d72a9b1f143d7c99fb927a23

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 17:33:18 GMT
content-encoding: gzip
etag: "58a4ad1968b0ce25cd7cc05894fd4343"
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1029318
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ELq5-CoZeRybo6H4u-X07QsdvlQ-H9QN6MKX8v4xSOi8MUEzGHpAYA==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
H2 200 telegram.svg
platform-cdn.sharethis.com/img/ 2 KB
1 KB 16ms
10ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/telegram.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bdf772d9fc521b1bac964b3e1287466cc5e6497f058ef97112f9a17b2591dfb

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 04:04:57 GMT
content-encoding: gzip
etag: "1e5f8bd74d9f0b6fbbae7c0cce36469e"
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 473019
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dosjJlRgLHtUHZqa2GrH_YbsdrqBbu-bVz6zZYXUaYn_d4P5BOBl4Q==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 17ms
12ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 16 Oct 2020 08:31:39 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 629817
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 832
x-amz-cf-id: fEZGLkUplbbZE-DDB8EufASaM8DLZpT905SvIhSyrhqxGqaB3z8wqg==

GET
H2 200 skype.svg
platform-cdn.sharethis.com/img/ 4 KB
2 KB 16ms
10ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/skype.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b69939c41abddbdc9d22db67942f31cf93466284be6024b7b98b789f5caffb58

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Oct 2020 07:43:44 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1064692
etag: W/"3ad64213faff48f430c034efaff27544"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NtVAlUgJMMNQgGv1YNDITsBp9BuzIYkDxNwxvTi7T-m6WqQ3o4rXaA==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
H2 200 evernote.svg
platform-cdn.sharethis.com/img/ 2 KB
1 KB 18ms
13ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/evernote.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b2f9d8ad31449013a6191724f77a689d42ba038d3590fc6cf1988c1ecb1a858

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 29 Sep 2020 00:08:00 GMT
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2128835
etag: W/"788716c803dad9daf08af1702aec055e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -dFbWZOibT9_BfgR6sq5W0G5mxQ1Vroclk7cGUYKIcAeYxexaDErFg==
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
891 B 18ms
12ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Oct 2020 00:09:39 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1005537
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: 8vem-am3nuZL2uQZnOZdS2wAte2rLHDclgW0i1QRwvjjf0rtaVgMqA==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
945 B 9ms
7ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Oct 2020 12:10:30 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 962286
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: wJrWNGRTMxkUUpTMM8rfKIE7iwCvpUnNT1Ugr6y84bQGaN_80p6nqA==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
943 B 9ms
7ms Image
image/svg+xml 2600:9000:2156:a600:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 18 Oct 2020 04:10:19 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 472697
etag: "9928d025bd5792b718ee0a185f62e67c"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 565
x-amz-cf-id: stibUX09-nwqWSMidjKN7LpWDNhY4nMeGOH7zPZVXxulsIy0UG1ueA==

GET
H/1.1 200
OK /
kraken.rambler.ru/cnt/ 595 B
1 KB 293ms
100ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=3076969&rid=1603466915.121-1420257918&tid=t1.3076969.1715840175.1603466915121&v=1.8.0&rn=496684479&bs=1600x1200&ce=1&rf&en=UTF-8&pt=The%20Choice%20is%20Over&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&url=https%3A%2F%2Fchoice-helper.com%2F
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.17.9 /
Resource Hash: 16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Last-Modified: Thu, 16 Jan 2020 17:49:32 GMT
Server: nginx/1.17.9
ETag: "5e20a22c-253"
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Access-Control-Allow-Headers: content-type
Content-Length: 595

GET
H/1.1 200
OK gb.png
media.reformal.ru/widgets/v3/ 121 B
432 B 46ms
46ms Image
image/png 139.162.151.130
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.reformal.ru/widgets/v3/gb.png
Requested by: Host: choice-helper.com
URL: https://choice-helper.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: reformal.ru
Software: nginx/1.16.1 /
Resource Hash: 7f12ae569ada461896fd0b8c68a0464d0d3da01c313c5e9d69130c4a765b7633

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 15:28:35 GMT
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Server: nginx/1.16.1
ETag: "57208bb3-79"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201020&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46eea623e1b402b1a102dcaf88c1d520ec9d3ee1256695e5ba980a72d4aa782d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 15:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6429
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201020/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 15:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Fri, 23 Oct 2020 15:28:35 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame E5A3 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://choice-helper.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://choice-helper.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 23 Oct 2020 15:02:27 GMT
expires: Sat, 23 Oct 2021 15:02:27 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1568
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
197 B 16ms
16ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201020&jk=2142186999368085&bg=!qaqlqorNAAUZK2QAGVjIm2wqe-48ggIAAADGUgAAACgKAUEqQWnN1-sEwI7XiURp-2U42FNcP8xFOPLr6dHukeskgAtM92VzzWRlvaVrMiziyI3OPtYwvMXP8riUaNR41AwO9Glx2I7RYJYs2PcxiaOLYclCngIp7lhQAnmdLRDP-6C6hq_2zIGzlUJMUru0QG5w38NsIdyY1b2-YEpjFj9EI9mgNNGkuZOV7xCRmC44sH7MF9xsknSleD2SVbZH5VyDHoyGXz7BER1w-z5EihiJ1wDqy8cIOxriJrT5m4_gX32E8lb34E4zjpHvYb3HghDs-16PjQNHEkEOIDp-5STLn82KY67wURs9i1OVT6BjbPFp6zoFu-Wdwo3ZBmtofIgOYTwKliHJx2czkoxPRfK8-9QzoO6WDYGTQvk7xvuULwXm5pPywCfpaEfWTckyASi5KuY87SxjsY8OYLqSwsQHZLqZAapyPk9AFfQLEHtaVV2C4PaWmZJAz0tS7m2AwCiotHFLpGD7ZJ2K5ownbIT6JHH0SmJ8W61OYpRoigzHFImNytvMvdUOyq7hJGbXBxeIiy_0-DzOUCtLBaIQmu1nL0k-sHGQ4fs4JPo5S7V9B6eVcDOgfVq0a_AgAgCdUzoZazTXWiWKeBDY1LcraSaQUTfB_1m_fnJp3yRrrPf85hJnB7lA1bsXyFkLqCpGY5YErPpn-WUdGbG8MSVxKJWxHJlefZcXnctsV8noUS_MmGFKNpaDK50bMT2VucyUrpawN9qB3F_Ds0mR-7-O967yVaZCw_z-uB2AGSDlZpK3Mb_tNlPkGDO65w8Y_HNw5_lkZwAcx_3ZUUC-yrvte_yeNoKL0gM_EHaCqABTmj_uSh_-XA6LFqOr_RxJdMWf3jx2-KitcLdelOnJrE8c7k2bPgsRIcE-_8bl2C9bzAsP6hglUPEuHk4n184YVSG1LlQXpeOXfDJi2mIQl6q3MYFNfRbe144tGOWJ9y6Lvs6sCag_juMHQ4y6d5IwYNVHvnGgWS1OgwTh7liLPscrcbY

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 15:28:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 21923257 Show response
mc.yandex.ru/webvisor/ 43 B
494 B 137ms
137ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/21923257?wmode=0&rn=99767011&page-url=https%3A%2F%2Fchoice-helper.com%2F&wv-type=3&wv-hit=916118775&wv-part=1&browser-info=ti%3A8%3Aet%3A1603466915%3Aw%3A1600x1200%3Av%3A1964%3Az%3A120%3Ai%3A20201023172834%3Abt%3A1%3Ast%3A1603466917%3Au%3A160346691549241986

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Oct 2020 15:28:37 GMT
Last-Modified: Fri, 23-Oct-2020 15:28:37 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://choice-helper.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Fri, 23-Oct-2020 15:28:37 GMT

POST
H/1.1 200
OK 21923257 Show response
mc.yandex.ru/webvisor/ 43 B
494 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/21923257?wmode=0&rn=188405390&page-url=https%3A%2F%2Fchoice-helper.com%2F&wv-type=3&wv-hit=916118775&wv-part=1&browser-info=ti%3A8%3Aet%3A1603466915%3Aw%3A1600x1200%3Av%3A1964%3Az%3A120%3Ai%3A20201023172834%3Ast%3A1603466917%3Au%3A160346691549241986

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://choice-helper.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 23 Oct 2020 15:28:37 GMT
Last-Modified: Fri, 23-Oct-2020 15:28:37 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://choice-helper.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Fri, 23-Oct-2020 15:28:37 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.choice-helper.com/	1970-01-19 13:24:28	Name: _ym_visorc_21923257 Value: w
.choice-helper.com/	1970-01-19 22:46:02	Name: __gads Value: ID=203635474be33278-22ea8f2f56a600b0:T=1603466914:RT=1603466914:S=ALNI_Ma4p9rZFM6NI3LD6H7s9M9tNyKyiA
.choice-helper.com/	1970-01-20 13:24:26	Name: last_visit Value: 1603459715123::1603466915123
.choice-helper.com/	1970-01-20 13:24:26	Name: top100_id Value: t1.3076969.1715840175.1603466915121
.choice-helper.com/	1970-01-19 13:25:38	Name: _ym_isad Value: 2
.choice-helper.com/	1970-01-19 13:24:26	Name: _gat Value: 1
.choice-helper.com/	1970-01-19 14:07:38	Name: __cfduid Value: d4d854a2a7c1fdf8faaedc7d1ce24b8a41603466914
.choice-helper.com/	1970-01-19 13:25:53	Name: _gid Value: GA1.2.364374916.1603466915
.choice-helper.com/	1970-01-19 22:10:02	Name: _ym_d Value: 1603466915
.choice-helper.com/	1970-01-20 06:55:38	Name: _ga Value: GA1.2.1026862832.1603466915
.choice-helper.com/	1970-01-19 22:10:02	Name: _ym_uid Value: 160346691549241986
.doubleclick.net/	1970-01-19 13:24:30	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 22:46:02	Name: IDE Value: AHWqTUnU5b2jJQfq1UBBjLqmX0zGKC7wdWqKkpWh1pwUtbMB9r15VT4uG7dCN6v5
choice-helper.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A0B8FDDF773068A6C24D4B40395F104E

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
choice-helper.com
count-server.sharethis.com
googleads.g.doubleclick.net
kraken.rambler.ru
l.sharethis.com
log.reformal.ru
mc.yandex.ru
media.reformal.ru
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
reformal.ru
st.top100.ru
stats.g.doubleclick.net
tab.reformal.ru
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
139.162.151.130
216.58.208.34
2600:9000:2093:7c00:c:a9b7:ddc0:93a1
2600:9000:20eb:b600:c:abe:f440:93a1
2600:9000:2156:6c00:1c:8a07:5e80:93a1
2600:9000:2156:a600:1d:85c3:6640:93a1
2606:4700:3032::ac43:a083
2a00:1450:4001:801::2001
2a00:1450:4001:809::200e
2a00:1450:4001:815::2002
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9a
2a02:6b8::1:119
3.121.118.243
3.226.37.37
81.19.89.17
81.19.89.18
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
063b50960bf58cd1e529018b7f3663ce7401187fcbd1db74850e5514acd66d60
0b2f9d8ad31449013a6191724f77a689d42ba038d3590fc6cf1988c1ecb1a858
1207dac904e57c9d08909c12776730ff147421bff8a8b2d3686df47ac1db4fb8
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
16a992224a960c618cc1c18e44a4b6301a665cad4039374421247a353bd9db75
1a7323caffa56f81335acbce8066c1154d23666a2fb3fc7049c22a41c8e12f00
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30bf612fb6cc5a1e73f6dce5106acda0df7edf24c0e54333ec7337dbfa734223
37e56ede68567cdb2df301ed77a77477c74826b610d02a17453cd5e2f2345d5c
3d36cb3679e3d4b7d55a7ad8104327bdc27e03bbc08c470d6f960a9794fff50b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44feae43d59b9226b9f2ced3d823fe55011cf41ff5ad34a9e3a87bf089170d1a
46eea623e1b402b1a102dcaf88c1d520ec9d3ee1256695e5ba980a72d4aa782d
491e7312feab95e07fc8c206547777d233a4dde2d72a9b1f143d7c99fb927a23
54222c04687e10232c2cff0f9b8fd7068da428afea05ff902b15b4df03089f34
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5adb289c961012adc0a1875c9b6a3a2f28986c9a0441c8bf82db7fcd12c29208
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
5e81f4f6668106e90488db787aee3851283bc7deb1c88eca718f7cd0ec5c0c14
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73fda73cae67ec0ab0b742c15d77874218ffc0afaea95581a011bc43749209a8
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7f12ae569ada461896fd0b8c68a0464d0d3da01c313c5e9d69130c4a765b7633
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8bdf772d9fc521b1bac964b3e1287466cc5e6497f058ef97112f9a17b2591dfb
8ef80b9484ec57f96a4cfe363afe777cb54dd1deda8aae48c7394b8335bca048
9253c84f0eb09d8a4a71b5d4bd953ad521911cb3311a77b4fde1a2a808917fe5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9815fd90529b64be433499fdf1d1ba06aa1d1ec31ed86ef7a50641568350fda5
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a5be34e4db57c855658f1d7a1e4fa4d0d1cf2425d4065bce7be903e9a129a8ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c55955d03171c7071b0e78e295600a97262f07be41957088453a489acb1ccc
b357154a81f4989c806d9d5b341e2f6b33bec4192257f12df3bf8a66916cbff2
b69939c41abddbdc9d22db67942f31cf93466284be6024b7b98b789f5caffb58
b85175a566721e3ff13c5a145de9d972552c4cbb5976bb5d12f8d786503ce956
bd1b693d66cf9282edff3056eaa68e802cd1756db4cac39147d1f48a7f370fc2
c6e9489e25e7854a58db93acc5a91b3cc023d33a70c4931dce8d2ef2868b5e94
ca435c33acbc343c9a3db08401ea0b95c724474a8deea44bb6cce17b005739a9
db5d6dc83e5194ffc981df1537103d747937f982aff40b6e0f03aec9329d3684
dc846dda7b56996354d225a37701a4fc9f80ea1f32a58cb24f8541de5b300c1d
df73b7bc5b4e3f7a82443822c230036f9b15c3bbf9370a0454fecb37ad36aaff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74263c5ff480fb69e468c5827cb217f6b06259d3217bed4276bbc1f7249e691
e88bd7c6ac5412da291b23af59ef372e445cc4eaa7bbc501225bdec1d28f4f05
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625
f83aa7175a3030f455a88c1ab6d82a080e87635d72e8a032eb2173d6ff6516c2
fb0601da73f3d87bf5853b84a3697b22e6f08c4c076d6a769dfab189f6d72947

choice-helper.com Open in urlscan Pro 2606:4700:3032::ac43:a083 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

67 %IPv6

14 Domains

23 Subdomains

18 IPs

4 Countries

662 kBTransfer

1625 kBSize

14 Cookies

1 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

choice-helper.com Open in urlscan Pro
2606:4700:3032::ac43:a083 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

23
Subdomains

18
IPs

4
Countries

662 kB
Transfer

1625 kB
Size

14
Cookies

68 HTTP transactions
0 data transactions