urlscan.io logo urlscan.io
SecurityTrails logo

firmmy.ru Open in urlscan Pro
185.178.208.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://firmmy.ru/
Effective URL: https://firmmy.ru/
Submission: On February 09 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 5 countries across 26 domains to perform 97 HTTP transactions. The main IP is 185.178.208.137, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is firmmy.ru.
TLS certificate: Issued by R3 on December 20th 2021. Valid for: 3 months.
This is the only time firmmy.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 185.178.208.137 57724 (DDOS-GUARD)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2a02:6b8:a::a 208722 (YNDX)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:6b8:20::215 208722 (YNDX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::18 44788 (ASN-CRITE...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.196.159.27 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 141.95.66.118 16276 (OVH)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
97 29
25    185.178.208.137 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
firmmy.ru
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
cm.g.doubleclick.net
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:21f3:c200:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:21f3:b800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
1    2606:4700:3036::ac43:c772 (United States)

ASN13335 (CLOUDFLARENET, US)
flowpubdom.info
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.196.159.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    141.95.66.118 (France)

ASN16276 (OVH, FR)
PTR: ns3206961.ip-141-95-66.eu
googlecm.hit.gemius.pl
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
25 firmmy.ru
firmmy.ru
194 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
304 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
pix.eu.criteo.net — Cisco Umbrella Rank: 7730
csm.eu.criteo.net — Cisco Umbrella Rank: 7881
339 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
19 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 25627
2 KB
4 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6518
154 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370
ads.eu.criteo.com — Cisco Umbrella Rank: 7925
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10834
45 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2853
yandex.ru — Cisco Umbrella Rank: 1452
143 KB
2 gstatic.com
fonts.gstatic.com
33 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
2 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 41069
get.optad360.io — Cisco Umbrella Rank: 24472
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
957 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
5 KB
1 gemius.pl
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 8640
339 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
457 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1548
350 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 529
765 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
463 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
38 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
10 KB
1 flowpubdom.info
flowpubdom.info — Cisco Umbrella Rank: 431638
17 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
644 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
97 26
Domain Requested by
25 firmmy.ru 1 redirects firmmy.ru
12 pagead2.googlesyndication.com firmmy.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
7 static.criteo.net ads.eu.criteo.com
5 pix.eu.criteo.net ads.eu.criteo.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
5 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects firmmy.ru
4 yastatic.net yandex.ru
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 image6.pubmatic.com 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects firmmy.ru
1 fonts.googleapis.com cdnjs.cloudflare.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 cdn.ampproject.org firmmy.ru
1 flowpubdom.info firmmy.ru
1 yandex.ru firmmy.ru
1 get.optad360.io firmmy.ru
1 cmp.optad360.io firmmy.ru
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com firmmy.ru
97 35

This site contains no links.

Subject Issuer Validity Valid
firmmy.ru
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-27 -
2022-03-26		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.yastatic.net
Yandex CA		 2022-01-22 -
2022-07-23		 6 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://firmmy.ru/
Frame ID: 1C8658A8095B1BF19DF91714C5F6817F
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/zrt_lookup.html
Frame ID: C37E2033F0129E3440793CA0D4F4CB6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&adk=1812271804&adf=1573534164&lmt=1644412282&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffirmmy.ru%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412282595&bpp=4&bdt=307&idt=200&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8273005555282&frm=20&pv=2&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: DD704C9E97A640CF1EFC5BC0FC203BFF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15FE33ADAB92A3DE18AB5AB3409E818A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CEB8507081C8EB32C7E0AE19247D8FB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Frame ID: A0078A158964B44626E9ED92D54C514A
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Frame ID: 4B631CD76D52111D9D72D605A2E1D331
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB9D932E4AB1B37CDA68E43E38BBC6B8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Домострой » Стройка и сантехника своими руками

Page URL History Show full URLs

  1. http://firmmy.ru/ HTTP 301
    https://firmmy.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • prefixfree\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

93 %
HTTPS

69 %
IPv6

26
Domains

35
Subdomains

29
IPs

5
Countries

1364 kB
Transfer

3479 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://firmmy.ru/ HTTP 301
    https://firmmy.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9544.mbYrBqDIA5zF_j2ymegu6ednM7HPRVtYKqT51mFXH-VJCSuWDcde3-qTDii6mN5u.osHrNmCcDT6vFiVqsnHcUKpRdvs%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9544.1o8Wq8v-SVBsIykUBy3M7atbwuSxjOdu81oXI-0AHVUsa8zfR23xM3eLlfO2aFEDbz1fEO7nv0xiKNDzbhiHcg%2C%2C.SpL35aV6Pzj0yyJ2My5TwYVqEIQ%2C
Request Chain 41
  • https://mc.yandex.com/watch/38812170?wmode=7&page-url=https%3A%2F%2Ffirmmy.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A1247594176601%3Ahid%3A94779735%3Az%3A0%3Ai%3A20220209131122%3Aet%3A1644412283%3Ac%3A1%3Arn%3A498850897%3Arqn%3A1%3Au%3A1644412283402077088%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644412281755%3Ads%3A0%2C33%2C239%2C31%2C258%2C0%2C%2C101%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644412283%3At%3A%D0%94%D0%BE%D0%BC%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%20%C2%BB%20%D0%A1%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%20%D0%B8%20%D1%81%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D1%80%D1%83%D0%BA%D0%B0%D0%BC%D0%B8&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/38812170/1?wmode=7&page-url=https%3A%2F%2Ffirmmy.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A1247594176601%3Ahid%3A94779735%3Az%3A0%3Ai%3A20220209131122%3Aet%3A1644412283%3Ac%3A1%3Arn%3A498850897%3Arqn%3A1%3Au%3A1644412283402077088%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644412281755%3Ads%3A0%2C33%2C239%2C31%2C258%2C0%2C%2C101%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644412283%3At%3A%D0%94%D0%BE%D0%BC%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%20%C2%BB%20%D0%A1%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%20%D0%B8%20%D1%81%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D1%80%D1%83%D0%BA%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 78
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEM4zreiMdcHk9ajtRbvL55k&google_cver=1&google_push=AYg5qPKHx_A9JWj1dKMFnICIPkuavGb1Hy9ej8DdLf3EbN-YMdglOKAdKzBziJT8zvE5vmcvi4CAB9kcr1m8R9XLiB_Z6j3f9eVv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKHx_A9JWj1dKMFnICIPkuavGb1Hy9ej8DdLf3EbN-YMdglOKAdKzBziJT8zvE5vmcvi4CAB9kcr1m8R9XLiB_Z6j3f9eVv&google_hm=Q0FFU0VNNHpyZWlNZGNIazlhanRSYnZMNTVr
Request Chain 80
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN2n7T60XG-O15Grrtscetw&google_cver=1&google_push=AYg5qPKIcLG0hXPIJ0n5HFMw8ADw5GmXzsdX_0AgfFc18_XFw8Ntj1I2f0kB0Rz7aVBzyDhterJnjkkJswbY7MNXOAEGSwPq2VM8 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN2n7T60XG-O15Grrtscetw&google_cver=1&google_push=AYg5qPKIcLG0hXPIJ0n5HFMw8ADw5GmXzsdX_0AgfFc18_XFw8Ntj1I2f0kB0Rz7aVBzyDhterJnjkkJswbY7MNXOAEGSwPq2VM8&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ryAgOJL9TPevo640qSGRNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKIcLG0hXPIJ0n5HFMw8ADw5GmXzsdX_0AgfFc18_XFw8Ntj1I2f0kB0Rz7aVBzyDhterJnjkkJswbY7MNXOAEGSwPq2VM8
Request Chain 81
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFM2z8tHTlPof51ke1Yy8LQ&google_cver=1&google_push=AYg5qPJqF6zWYtPJfGf5RqB2dkgc1jh4gHOWftTRPhk5Ygz9cXWxtRRXb2lOHKZr02cRh0BKQdK6_8j7xaTbfzZXVuylvbDT1pCf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGS004OEstRy0xSVJa&google_push=AYg5qPJqF6zWYtPJfGf5RqB2dkgc1jh4gHOWftTRPhk5Ygz9cXWxtRRXb2lOHKZr02cRh0BKQdK6_8j7xaTbfzZXVuylvbDT1pCf
Request Chain 82
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_cver=1&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj
Request Chain 83
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMfIn5xKMMxLrwLL-Oo8eZc&google_cver=1&google_push=AYg5qPK4PlhoyqGCqWYaBY1Rszj---4ZmSgyZcK3sZBZXHJIi487030Zfn7Num2UvlmjeSBm-IJDetBH6UdIMSDKGBKCq15WMGu0zQ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK4PlhoyqGCqWYaBY1Rszj---4ZmSgyZcK3sZBZXHJIi487030Zfn7Num2UvlmjeSBm-IJDetBH6UdIMSDKGBKCq15WMGu0zQ&google_hm=

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
firmmy.ru/
Redirect Chain
  • http://firmmy.ru/
  • https://firmmy.ru/
230 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.1.33
Resource Hash
41d3f042818f9db5e686f713cfd762e1d8d06069719e20235a30a4830a6a3a6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000 max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
ddos-guard
strict-transport-security
max-age=31536000 max-age=31536000;
content-security-policy
upgrade-insecure-requests;
date
Wed, 09 Feb 2022 13:11:22 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
vary
Accept-Encoding,Cookie
cache-control
max-age=3, must-revalidate
content-encoding
gzip

Redirect headers

Server
ddos-guard
Date
Wed, 09 Feb 2022 13:11:22 GMT
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://firmmy.ru/
Content-Type
text/html; charset=utf8
Content-Length
568
prefixfree.js
firmmy.ru/wp-content/themes/News/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/prefixfree.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
5146cf29ec886a276c1c6b07b7913e5fe93431df369cdc89d9428dda20c8b155
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
311196
etag
W/"57881574-15f1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Sat, 05 Feb 2022 22:44:47 GMT
content-security-policy
upgrade-insecure-requests;
content-length
2333
expires
Tue, 22 Mar 2022 22:44:47 GMT
jquery.min.js
firmmy.ru/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 21:19:24 GMT
server
ddos-guard
age
85051
etag
W/"60f73ddc-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 08 Feb 2022 13:33:52 GMT
content-security-policy
upgrade-insecure-requests;
content-length
30953
expires
Fri, 25 Mar 2022 13:33:52 GMT
slideshow.js
firmmy.ru/wp-content/themes/News/js/widgets/ 		2 KB
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/widgets/slideshow.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
0da8085d57aa6099f076e2ba9123120d9384de0d4802e801aba4a934cb05fb9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
1946420
etag
W/"57881574-928"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 18 Jan 2022 00:31:04 GMT
content-security-policy
upgrade-insecure-requests;
content-length
565
expires
Fri, 04 Mar 2022 00:31:04 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-159385586-5
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cf6fb3596812e04b6196edaa7e9bafa4db8c0466097ca36d47affe7c0b42f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36075
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Feb 2022 13:11:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011487703057004
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd37f14bbb83e6ff6b7fabee523eecc9dbc9a97fab3978d60ee6d777b00d6673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://firmmy.ru/
Origin
https://firmmy.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53684
x-xss-protection
0
server
cafe
etag
13056048415533285051
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:11:23 GMT
gk.scripts.js
firmmy.ru/wp-content/themes/News/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/gk.scripts.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
3731a5e7bf08aab7a41a2e6dc16b88778713cec13cf801024a8cdadeaa641769
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
616884
etag
W/"57881574-19dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Wed, 02 Feb 2022 09:50:00 GMT
content-security-policy
upgrade-insecure-requests;
content-length
1877
expires
Sat, 19 Mar 2022 09:50:00 GMT
shortcodes.typography.js
firmmy.ru/wp-content/themes/News/js/ 		150 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/shortcodes.typography.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
43e841d8a4433172f42e66ad1a1458562767d545c76f6fb78a372876b07a49f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
br
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
1946421
etag
W/"57881574-96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 18 Jan 2022 00:31:03 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
60
expires
Fri, 04 Mar 2022 00:31:03 GMT
shortcodes.elements.js
firmmy.ru/wp-content/themes/News/js/ 		631 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/shortcodes.elements.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
930124552aa17834161dafbac8b547a32decd1d56ac37935395d0388ede9f048
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
br
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
1946420
etag
W/"57881574-277"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 18 Jan 2022 00:31:04 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
248
expires
Fri, 04 Mar 2022 00:31:04 GMT
shortcodes.template.js
firmmy.ru/wp-content/themes/News/js/ 		264 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/shortcodes.template.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
019e1fd78881c04f9a1e2ce9bd4deb062d47ace22d22c99827f86c5365198d11
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
br
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
408430
etag
W/"57881574-108"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Fri, 04 Feb 2022 19:44:13 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
144
expires
Mon, 21 Mar 2022 19:44:13 GMT
thickbox.js
firmmy.ru/wp-includes/js/thickbox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-includes/js/thickbox/thickbox.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 11:53:09 GMT
server
ddos-guard
age
2079907
etag
W/"604a04a5-338a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Sun, 16 Jan 2022 11:26:16 GMT
content-security-policy
upgrade-insecure-requests;
content-length
4001
expires
Wed, 02 Mar 2022 11:26:16 GMT
regenerator-runtime.min.js
firmmy.ru/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Wed, 26 Jan 2022 15:50:21 GMT
server
ddos-guard
age
6021
etag
W/"61f16dbd-195e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 11:31:02 GMT
content-security-policy
upgrade-insecure-requests;
content-length
2422
expires
Sat, 26 Mar 2022 11:31:02 GMT
wp-polyfill.min.js
firmmy.ru/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 21:19:24 GMT
server
ddos-guard
age
1946420
etag
W/"60f73ddc-4056"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 18 Jan 2022 00:31:04 GMT
content-security-policy
upgrade-insecure-requests;
content-length
6031
expires
Fri, 04 Mar 2022 00:31:04 GMT
index.js
firmmy.ru/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 12:51:59 GMT
server
ddos-guard
age
499615
etag
W/"61e95aef-25f8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Thu, 03 Feb 2022 18:24:29 GMT
content-security-policy
upgrade-insecure-requests;
content-length
3286
expires
Sun, 20 Mar 2022 18:24:29 GMT
front.min.js
firmmy.ru/wp-content/plugins/table-of-contents-plus/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Fri, 25 Jun 2021 13:44:59 GMT
server
ddos-guard
age
1946420
etag
W/"60d5dddb-17cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 18 Jan 2022 00:31:04 GMT
content-security-policy
upgrade-insecure-requests;
content-length
2349
expires
Fri, 04 Mar 2022 00:31:04 GMT
nsp.js
firmmy.ru/wp-content/themes/News/js/widgets/ 		15 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/widgets/nsp.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6a75df83fe7f28ee17ba42cc1d025e53e90003de46eeb477007e22de6e8b0289
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
323976
etag
W/"57881574-3b0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Sat, 05 Feb 2022 19:11:47 GMT
content-security-policy
upgrade-insecure-requests;
content-length
2383
expires
Tue, 22 Mar 2022 19:11:47 GMT
tabs.js
firmmy.ru/wp-content/themes/News/js/widgets/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/widgets/tabs.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
13ba85eda30823547bc3addcfadc6ab87aa31a98aac8be455b6c26ef150c7180
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
3440
etag
W/"57881574-1192"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 12:14:03 GMT
content-security-policy
upgrade-insecure-requests;
content-length
963
expires
Sat, 26 Mar 2022 12:14:03 GMT
frontend.min.js
firmmy.ru/wp-content/plugins/q2w3-fixed-widget/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
e3669242e12b808e0ce9e35db1b347b28eba3f2ed7b72dc5d88ac3f3ede6b835
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 01:48:27 GMT
server
ddos-guard
age
1684557
etag
W/"61e8bf6b-3564"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Fri, 21 Jan 2022 01:15:26 GMT
content-security-policy
upgrade-insecure-requests;
content-length
3640
expires
Mon, 07 Mar 2022 01:15:26 GMT
gk.menu.js
firmmy.ru/wp-content/themes/News/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/themes/News/js/gk.menu.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
cb60adc04c1b2c07459c5a3fe3cffee40b2139f78410a058483709e56a0f436d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Thu, 14 Jul 2016 22:43:00 GMT
server
ddos-guard
age
316874
etag
W/"57881574-2535"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Sat, 05 Feb 2022 21:10:09 GMT
content-security-policy
upgrade-insecure-requests;
content-length
1648
expires
Tue, 22 Mar 2022 21:10:09 GMT
lazyload.min.js
firmmy.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://firmmy.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 10:59:15 GMT
server
ddos-guard
age
70870
etag
W/"5fae6703-1ed2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3888000
date
Tue, 08 Feb 2022 17:30:13 GMT
content-security-policy
upgrade-insecure-requests;
content-length
2704
expires
Fri, 25 Mar 2022 17:30:13 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c68634c96b301afe3bd377fb99a99424180dcc820cb6657c100bf5b0291f1b2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2b5b0cf4ff501b8e6ec281bd5f6a6237eb1845e93b4a6d1cc47d7a189afc9f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66041a0d8c2d8af985a7cc6d8e7aade7409ad851baf148945553d3ca722db97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		456 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08dc037656a1ce396ec500fee851b35a446f9fb1e9c5ab02633d0323b784e26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		295 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb91e553b3c05a05be37e20d7766e29956cfd83cbbe9717a7b2bd2fa5c019963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e7efce7893330540d129ea699ed3c3e3d5e1f29356b08cb5f4e9c7ee95f9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		353 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0beac6af012cc23ebb42d176fee5a2b9c7fcab41516ed80b1a4b9a2d89a90dc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		118 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67c683ed3aaf8ea716780b930b8406d6eefda02a54e5529ab746cc348eb44611

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
tag.js
mc.yandex.ru/metrika/ 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
28ad17b26f50e4c7d283c1885fc063c6778767a88c07895f46231c9ab190eec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
br
last-modified
Wed, 09 Feb 2022 12:39:19 GMT
etag
"62038bc7-10ee6"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69350
expires
Wed, 09 Feb 2022 14:11:23 GMT
login.png
firmmy.ru/wp-content/themes/News/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firmmy.ru/wp-content/themes/News/images/login.png
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
9e8bb58838c2ff9e45fcb8b53531aaff8d51d16235a0c8f458d00f09928cbc74
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
last-modified
Thu, 14 Jul 2016 22:41:00 GMT
server
ddos-guard
age
2960
etag
"578814fc-1396"
content-type
image/png
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 12:22:03 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
5014
expires
Sat, 26 Mar 2022 12:22:03 GMT
loadingAnimation.gif
firmmy.ru/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firmmy.ru/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
last-modified
Sun, 04 Nov 2012 23:00:00 GMT
server
ddos-guard
age
1946419
etag
"5096f370-3b86"
content-type
image/gif
cache-control
max-age=3888000
date
Tue, 18 Jan 2022 00:31:04 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
15238
expires
Fri, 04 Mar 2022 00:31:04 GMT
ustranenie-zasora-v-trubax1-widget_gk_nsp-7.jpg
firmmy.ru/wp-content/themes/News/gavern/cache_nsp/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firmmy.ru/wp-content/themes/News/gavern/cache_nsp/ustranenie-zasora-v-trubax1-widget_gk_nsp-7.jpg
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
ec9b505d408320ac9245cea94a0025472f9a72ea5365edb89b97d2ccfea56f34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
last-modified
Wed, 09 Feb 2022 13:10:27 GMT
server
ddos-guard
age
0
etag
"6203bd43-206b"
content-type
image/jpeg
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 13:11:23 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
8299
expires
Sat, 26 Mar 2022 13:11:23 GMT
5d1e25e0d6775069767d03481-widget_gk_nsp-6.jpg
firmmy.ru/wp-content/themes/News/gavern/cache_nsp/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firmmy.ru/wp-content/themes/News/gavern/cache_nsp/5d1e25e0d6775069767d03481-widget_gk_nsp-6.jpg
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6853bae6f6612d9e88c33ad5d529167d73a78d6caee8bcf608cd32e4fcee17b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
last-modified
Tue, 08 Feb 2022 16:40:28 GMT
server
ddos-guard
age
20125
etag
"62029cfc-1a72"
content-type
image/jpeg
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 07:35:58 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
6770
expires
Sat, 26 Mar 2022 07:35:58 GMT
2177-31-widget_gk_nsp-8.jpg
firmmy.ru/wp-content/themes/News/gavern/cache_nsp/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firmmy.ru/wp-content/themes/News/gavern/cache_nsp/2177-31-widget_gk_nsp-8.jpg
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
6f8c3697403d8872e1408dccfee5e1baf04ee413843d3877d08f9e253629d380
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
last-modified
Wed, 09 Feb 2022 13:10:27 GMT
server
ddos-guard
age
0
etag
"6203bd43-2211"
content-type
image/jpeg
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 13:11:23 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
8721
expires
Sat, 26 Mar 2022 13:11:23 GMT
nalichniki-na-okna-251-widget_gk_nsp-8.jpg
firmmy.ru/wp-content/themes/News/gavern/cache_nsp/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firmmy.ru/wp-content/themes/News/gavern/cache_nsp/nalichniki-na-okna-251-widget_gk_nsp-8.jpg
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.178.208.137 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
951a5c997b3b12610508f216a15b644719e735334666668f9d841a90ea3b876f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000, max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000;
last-modified
Wed, 09 Feb 2022 13:10:27 GMT
server
ddos-guard
age
0
etag
"6203bd43-45d7"
content-type
image/jpeg
cache-control
max-age=3888000
date
Wed, 09 Feb 2022 13:11:23 GMT
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
17879
expires
Sat, 26 Mar 2022 13:11:23 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159385586-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3991
date
Wed, 09 Feb 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 09 Feb 2022 14:04:52 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 		286 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011487703057004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87eeb1e408b929d69e5b0d906816e49e785cf8221058ba118139e67580c8b79a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105570
x-xss-protection
0
server
cafe
etag
4295105704125908822
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:11:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/ Frame C37E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011487703057004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Tue, 08 Feb 2022 18:49:46 GMT
expires
Tue, 22 Feb 2022 18:49:46 GMT
cache-control
public, max-age=1209600
age
66097
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9544.mbYrBqDIA5zF_j2ymegu6ednM7HPRVtYKqT51mFXH-VJCSuWDcde3-qTDii6mN5u.osHrNmCcDT6vFiVqsnHcUKpRdvs%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9544.1o8Wq8v-SVBsIykUBy3M7atbwuSxjOdu81oXI-0AHVUsa8zfR23xM3eLlfO2aFEDbz1fEO7nv0xiKNDzbhiHcg%2C%2C.SpL35aV6Pzj0yyJ2My5TwYVqEIQ%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9544.1o8Wq8v-SVBsIykUBy3M7atbwuSxjOdu81oXI-0AHVUsa8zfR23xM3eLlfO2aFEDbz1fEO7nv0xiKNDzbhiHcg%2C%2C.SpL35aV6Pzj0yyJ2My5TwYVqEIQ%2C
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9544.1o8Wq8v-SVBsIykUBy3M7atbwuSxjOdu81oXI-0AHVUsa8zfR23xM3eLlfO2aFEDbz1fEO7nv0xiKNDzbhiHcg%2C%2C.SpL35aV6Pzj0yyJ2My5TwYVqEIQ%2C
date
Wed, 09 Feb 2022 13:11:23 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
last-modified
Wed, 09 Feb 2022 12:39:19 GMT
etag
"62038bc7-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 09 Feb 2022 14:11:23 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1315923705&t=pageview&_s=1&dl=https%3A%2F%2Ffirmmy.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D0%BC%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%20%C2%BB%20%D0%A1%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%20%D0%B8%20%D1%81%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D1%80%D1%83%D0%BA%D0%B0%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1178615897&gjid=1105420691&cid=438301637.1644412283&tid=UA-159385586-5&_gid=685217012.1644412283&_r=1&gtm=2ou270&did=dZTNiMT&gdid=dZTNiMT&z=253863409
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://firmmy.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firmmy.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/38812170/
Redirect Chain
  • https://mc.yandex.com/watch/38812170?wmode=7&page-url=https%3A%2F%2Ffirmmy.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
  • https://mc.yandex.com/watch/38812170/1?wmode=7&page-url=https%3A%2F%2Ffirmmy.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/38812170/1?wmode=7&page-url=https%3A%2F%2Ffirmmy.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A1247594176601%3Ahid%3A94779735%3Az%3A0%3Ai%3A20220209131122%3Aet%3A1644412283%3Ac%3A1%3Arn%3A498850897%3Arqn%3A1%3Au%3A1644412283402077088%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644412281755%3Ads%3A0%2C33%2C239%2C31%2C258%2C0%2C%2C101%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644412283%3At%3A%D0%94%D0%BE%D0%BC%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%20%C2%BB%20%D0%A1%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%20%D0%B8%20%D1%81%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D1%80%D1%83%D0%BA%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f413cde9665e11362340e783180dd02b71545121e66433d183bf166d9931e52e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 09-Feb-2022 13:11:23 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://firmmy.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Wed, 09-Feb-2022 13:11:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:23 GMT
last-modified
Wed, 09-Feb-2022 13:11:23 GMT
location
/watch/38812170/1?wmode=7&page-url=https%3A%2F%2Ffirmmy.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A717%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A1247594176601%3Ahid%3A94779735%3Az%3A0%3Ai%3A20220209131122%3Aet%3A1644412283%3Ac%3A1%3Arn%3A498850897%3Arqn%3A1%3Au%3A1644412283402077088%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1644412281755%3Ads%3A0%2C33%2C239%2C31%2C258%2C0%2C%2C101%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1644412283%3At%3A%D0%94%D0%BE%D0%BC%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%20%C2%BB%20%D0%A1%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%20%D0%B8%20%D1%81%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0%20%D1%81%D0%B2%D0%BE%D0%B8%D0%BC%D0%B8%20%D1%80%D1%83%D0%BA%D0%B0%D0%BC%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://firmmy.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 09-Feb-2022 13:11:23 GMT
cookie.js
partner.googleadservices.com/gampad/ 		213 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=firmmy.ru&callback=_gfp_s_&client=ca-pub-1011487703057004
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3ca4a0508ae59b637d4256ff00dcddf9371cb5924c7c2d738e07d33cd39406b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=firmmy.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=firmmy.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffirmmy.ru%2F&tn=DIV&id=gk-popup-overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffirmmy.ru%2F&tn=DIV&id=gk-popup-overlay&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DD70 		13 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&adk=1812271804&adf=1573534164&lmt=1644412282&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffirmmy.ru%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412282595&bpp=4&bdt=307&idt=200&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8273005555282&frm=20&pv=2&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87390e3de16005f190690b63207f94cf3f4915226a5e223c21cf82773f2848bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 09 Feb 2022 13:11:23 GMT
server
cafe
content-length
1179
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Feb 2022 13:11:23 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
993b4d8096a0323d191ca132df844c919ae2e64c628d4cf06fab3a8239a4ef0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 13:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9921
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 13:11:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 15FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Feb 2022 12:18:05 GMT
expires
Thu, 09 Feb 2023 12:18:05 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
3199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7CEB 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea89c6147fc29dc5de2e9a6c6dabf662062033354e50a4543864e43d376863c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4dunoZd1jOg4+xhPVcgyfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 09 Feb 2022 13:11:24 GMT
date
Wed, 09 Feb 2022 13:11:24 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-4dunoZd1jOg4+xhPVcgyfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
pagead2.googlesyndication.com/bg/ Frame 15FE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:06:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
7520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13808
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 11:06:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220207&jk=4489433568365852&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 15FE 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0SKboA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ec0ace49-d3fa-4a91-8c08-b1e7876ed4ba.min.js
cmp.optad360.io/items/ 		497 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/ec0ace49-d3fa-4a91-8c08-b1e7876ed4ba.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 02:15:52 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
39516
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
497
x-amz-cf-id
v7S2L4zBvk_4KUJY26NxSU6tokD-Kf_0Q0sDjOJICx1k3fIxwJdjFw==
plugin.min.js
get.optad360.io/sf/09990f0e-7d3b-428f-9c92-54543d3e5be6/ 		2 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/09990f0e-7d3b-428f-9c92-54543d3e5be6/plugin.min.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 14:34:12 GMT
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jul 2020 06:52:28 GMT
server
AmazonS3
age
15892633
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Error from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
2
x-amz-cf-id
izkrcnpwOe3JSwJvdalpZuK_5dqMNI9QnaJh4bj7FSpxHLU1NxNCjg==
context.js
yandex.ru/ads/system/ 		275 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7d6ee4cd997e19b2c72b80813c6cbeb3fad524294767171761b025f972df7889
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1644412284725402-7516109924723019385-man1-3319-man-l7-balancer-8080-BAL-5850
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 09 Feb 2022 14:11:24 GMT
5fea002ac2ec8bcf73955a9d
flowpubdom.info/j/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flowpubdom.info/j/5fea002ac2ec8bcf73955a9d
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3b5a7309795ce5074336c8af2539e54db3e269c622807e0b17764132c2c043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RROSiMe9DC0nFMZ7PhpyfChXhPtKxOeylimkO9%2F%2B2%2BL6%2BwLW4s0CSqvR9yV2hg47f86hmv0Z%2FHvlkuzzALDfnM3HNRBeLYAIXTzA%2FXbXo7pkUizrKnw6YpeL76LrWeqvMlcVWsi3CEtHdz0YSIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
strict-transport-security
max-age=31536000
cf-ray
6dad57eb3fce91d1-FRA
vary
Accept-Encoding
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d34a4f3ace362e694f47ed0467e35f8d795a1572379c1e8cd4e7a08c6a079f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9317
x-xss-protection
0
server
sffe
date
Wed, 09 Feb 2022 13:11:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"312cb41c6eee0b9c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Feb 2022 13:11:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011487703057004
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99a09e7b3878385e8cc748bed8563d3bb2fe18526dc5451497ea44c61c9f203d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53690
x-xss-protection
0
server
cafe
etag
7063754994200837627
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:11:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: firmmy.ru
URL: https://firmmy.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
447d485c6330ebf422a36adcc01dc26b14f6f56d4f034db0485354d43909896a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53710
x-xss-protection
0
server
cafe
etag
13114079552772680245
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Feb 2022 13:11:24 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=firmmy.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 13:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=firmmy.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Feb 2022 13:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A007 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1011487703057004&plah=firmmy.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
542f86d78ca6d54dca42d1e043a21805791b1c3b34c88fa762710d77b83b7e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 09 Feb 2022 13:11:25 GMT
server
cafe
content-length
11510
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 09 Feb 2022 13:11:25 GMT
cache-control
private
551fe7cc113dfd1155d2.js
yastatic.net/partner-code-bundles/54113/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54113/551fe7cc113dfd1155d2.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
37383302f266cd5f6fcfd6afaad866b12fe6f2ffe8f573cafe7abe6f56a4dbe2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://firmmy.ru/
Origin
https://firmmy.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4456
last-modified
Tue, 08 Feb 2022 19:43:42 GMT
server
nginx/1.17.9
etag
"e4283f9f132fe2d8dbc6851b8857e61d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2052 19:46:17 GMT
f8390b15e89cd4e912f0.js
yastatic.net/partner-code-bundles/54113/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54113/f8390b15e89cd4e912f0.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f71da6a3ba0bc94f340f1690b658cbb27859d2c747b0245ecd1d6d5e4ba5d0e3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://firmmy.ru/
Origin
https://firmmy.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17026
last-modified
Tue, 08 Feb 2022 19:43:42 GMT
server
nginx/1.17.9
etag
"3801bd0fe02cc85e14c6779f74ef4e97"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2052 19:46:27 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://firmmy.ru/
Origin
https://firmmy.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2052 19:43:04 GMT
9efeacf468e5d34db367.js
yastatic.net/partner-code-bundles/54113/ 		599 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/54113/9efeacf468e5d34db367.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ba1657857df8aa4973eeb4bae27c84e5dd02178d25453538da8e107cdd65c5c6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://firmmy.ru/
Origin
https://firmmy.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
124486
last-modified
Tue, 08 Feb 2022 19:43:42 GMT
server
nginx/1.17.9
etag
"bdf7b4ed720e872b2e3d7e202a43971f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2052 19:46:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220207&jk=4489433568365852&bg=!kpGlkdXNAAa4sGsQuLA7ACkAdvg8WlQflttd4xH8SIrGQbNIow1i--Pfdqe9kHhjz_f5hBsx79qqLgIAAABqUgAAAAJoAQcKACHdcM6zRFYj8_cV92xF7Dq6WpI9DY7LYEQQ--SgYhPUOWiZAsTYsCSBSEaz0RgrSWSpTRw17cQVVdBomLw30lgUXfQwXSPkvqqqRiu5ioo5xd-IXQlRMalH_jhNEOn0x1It-ukOKJsTRo1NK5m6YlzIR3b733Wzxy8vxEBuo4js6sCDRZR946o9bBkgPigTnrDocn6-m4-tH2rQQEv0hLDswmTsOMBQLA0Qiw8dKNqVhLaW7DcHtkEVr3I7d6_PqgDBeyx2ZoyeGoW72wOf-97YQGnPKDOKr0MRAECkoAVRWJ_DqP85eiU-rXArUCb6JVhKxK7R20AFQ52kbW1JO-25Dqg_Q-OHcIPIptwJ7PWjfjIiWnMq2z4FqsDuz4fJdGeBcs-JHZCPfW8RDcP6R92hBJoXkJLsIEjlm8SCu8sqrREyDWOIvgnSIvP8nvlypOaYwMrUNkZn1ROeerOHBtJLATPDmp35dvAc62PoUX5mNK3y7BNMi8hRKvlZ0aYqrLKzprWRXMWdHP5NcktGORqgLEW6dC5gqrJGloJP9ZiCQyevoHvOtDo8zA0h3P_YEtD_Ikgn1isOzzg3ElRIuh_gw4pG6v3SdxCn8hTKtVm1ASxA-EA8giM72InBB9riy8-KbRa8ya-SYd14MwmYz2LlIwzcTsG-l_QnPWjMJ5igV3IBQG9draWdcKQ4PCdoFuXe-tglttlXUExzSYPJ0tC2q5fzykdLILgk-iKqs3vKrCdN-M7LE5Yb37wT9NQtGyI68D95m3MYMf2RwXLxLwLsPBaq9Hs06Qlemc4NY3OkwlTPCCwxfyY5Q6ESW6gjexYqAeMdehw9p9ill_W1ptRE3P-4cQk5dXX-Li4MXwcRPXSj-VNed7gA8z_Beu1x_T3GGW92uR2PRNxuB_7AeppAbERqnO6LlHg5cD2vGlnPSl_kUOlH28JcTikCgQoQESfCrovKvgxDx2eTyjmTYFzEmsqFFgKwhtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://firmmy.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame A007 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 13:02:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A007 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644237382599929"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Feb 2022 13:11:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/ Frame A007 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6367
x-xss-protection
0
server
cafe
etag
17798303060702513824
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Feb 2022 13:02:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A007 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CW_QQfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTTAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTSpL6pU57LdjgtjWbGKJCXH9pxcC3nlC9TrTHGbgYNKQ9BeXVwlhqABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMDExNDg3NzAzMDU3MDA0GAA&sigh=PaNM_9uPKC8&uach_m=[UACH]&cid=CAQSPACNIrLMPUjUTb43hQF4N1bAJAT7TvXcuMGJ6GlvbgDj9wAOxeAYtIMI4Yh_R1p-XPrSynuGcOedxFFa4RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 09 Feb 2022 13:11:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame A007 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ULyzEt-BMKwC2ASdg2ICAgAAAMHyAGK8ixRGEHy9A2IUsRU1SlW3dmgc6QAS&wp=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
server
Kestrel
server-processing-duration-in-ticks
278812
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4B63 		136 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3450998ae77b36a762e359eeef25d5e0f136851ee74d91cc113c1a1507194e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vdRK-HeVREJesCdKltQEKxSKUWJEHvLRoUdqb7ZHwXpm13ebOEaSuvHBi8mkn6N104VmAfJtQbgqd7bgivtmM0w9o16PZyEj-FyBmtAOeCXUM993bEaBrao0v1SlYu7KwKObA8awF3MqE4m5gcDqcxmyVu9sCVa4NlnLR7us4RjA0EvuimgN4kQ_83vv-zUKaoEpZq6sUGFntCk9oxe_9fLhKnTEza3-ixIvwNV2TieasuY18rmupotcQU7svzhyiEHREw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
119164335
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB9D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Wed, 09 Feb 2022 05:53:44 GMT
expires
Thu, 10 Feb 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
26261
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame EB9D 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECyl9TSTepAUHJ6QMPvZmf4&google_cver=1&google_push=AYg5qPK3JQFpNjL5Vw5zcT4-goRhaUTOh9ZFQVuzqCw4pjVu_7BJvL82l41ILc4eMGbTBvPAmiCinHdPVaLoqWi5vEfLfBgzJgbx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB9D
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEM4zreiMdcHk9ajtRbvL55k&google_cver=1&google_push=AYg5qPKHx_A9JWj1dKMFnICIPkuavGb1Hy9ej8DdLf3EbN-YMdglOKAdKzBziJT8zvE5vmcvi4CAB9kcr1m8R9XLiB_Z6j3f9eVv
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKHx_A9JWj1dKMFnICIPkuavGb1Hy9ej8DdLf3EbN-YMdglOKAdKzBziJT8zvE5vmcvi4CAB9kcr1m8R9XLiB_Z6j3f9eVv&google_hm=Q0FFU0VNNHpyZWlNZGNIa...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKHx_A9JWj1dKMFnICIPkuavGb1Hy9ej8DdLf3EbN-YMdglOKAdKzBziJT8zvE5vmcvi4CAB9kcr1m8R9XLiB_Z6j3f9eVv&google_hm=Q0FFU0VNNHpyZWlNZGNIazlhanRSYnZMNTVr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Feb 2022 13:11:25 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKHx_A9JWj1dKMFnICIPkuavGb1Hy9ej8DdLf3EbN-YMdglOKAdKzBziJT8zvE5vmcvi4CAB9kcr1m8R9XLiB_Z6j3f9eVv&google_hm=Q0FFU0VNNHpyZWlNZGNIazlhanRSYnZMNTVr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame EB9D 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEI1U-YCpcay-E11VGTv8fUU&google_cver=1&google_push=AYg5qPJpy9TenuCwCch783KDqr3NoKZ_loJ2XqtIzmrrwVenI8J3cZiQUCrGtIypoYdaKZ0Ltqn3TM8wLVcuptlvhYNk-sZkh3lI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:24 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sv6ohe3s41psgjjs1081k3f5alples32
pixel
cm.g.doubleclick.net/ Frame EB9D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ryAgOJL9TPevo640qSGRNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ryAgOJL9TPevo640qSGRNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKIcLG0hXPIJ0n5HFMw8ADw5GmXzsdX_0AgfFc18_XFw8Ntj1I2f0kB0Rz7aVBzyDhterJnjkkJswbY7MNXOAEGSwPq2VM8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ryAgOJL9TPevo640qSGRNA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKIcLG0hXPIJ0n5HFMw8ADw5GmXzsdX_0AgfFc18_XFw8Ntj1I2f0kB0Rz7aVBzyDhterJnjkkJswbY7MNXOAEGSwPq2VM8
date
Wed, 09 Feb 2022 13:11:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EB9D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFM2z8tHTlPof51ke1Yy8LQ&google_cver=1&google_push=AYg5qPJqF6zWYtPJfGf5RqB2dkgc1jh4gHOWftTRPhk5Ygz9cXWxtRRXb2lOHKZr02cRh0BKQdK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGS004OEstRy0xSVJa&google_push=AYg5qPJqF6zWYtPJfGf5RqB2dkgc1jh4gHOWftTRPhk5Ygz9cXWxtRRXb2lOHKZr02cRh0BKQdK6_8j7xaTbfzZXVuylvbDT1pCf
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGS004OEstRy0xSVJa&google_push=AYg5qPJqF6zWYtPJfGf5RqB2dkgc1jh4gHOWftTRPhk5Ygz9cXWxtRRXb2lOHKZr02cRh0BKQdK6_8j7xaTbfzZXVuylvbDT1pCf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pGS004OEstRy0xSVJa&google_push=AYg5qPJqF6zWYtPJfGf5RqB2dkgc1jh4gHOWftTRPhk5Ygz9cXWxtRRXb2lOHKZr02cRh0BKQdK6_8j7xaTbfzZXVuylvbDT1pCf
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame EB9D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByIS...
0
0
pixel
cm.g.doubleclick.net/ Frame EB9D
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMfIn5xKMMxLrwLL-Oo8eZc&google_cver=1&google_push=AYg5qPK4PlhoyqGCqWYaBY1R...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK4PlhoyqGCqWYaBY1Rszj---4ZmSgyZcK3sZBZXHJIi487030Zfn7Num2UvlmjeSBm-IJDetBH6UdIMSDKGBKCq15WMGu0zQ&google_hm=
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK4PlhoyqGCqWYaBY1Rszj---4ZmSgyZcK3sZBZXHJIi487030Zfn7Num2UvlmjeSBm-IJDetBH6UdIMSDKGBKCq15WMGu0zQ&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK4PlhoyqGCqWYaBY1Rszj---4ZmSgyZcK3sZBZXHJIi487030Zfn7Num2UvlmjeSBm-IJDetBH6UdIMSDKGBKCq15WMGu0zQ&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Tue, 08 Feb 2022 13:11:25 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EB9D 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV8wWizInjCxFnRz229TgP2bBle0bzHGi6Q3PXWUOSmhTwymPSiCY1beZq2M9Vf3iUQPG5kg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011487703057004&output=html&h=600&slotname=5702936015&adk=3303088774&adf=2722700463&pi=t.ma~as.5702936015&w=300&lmt=1644412283&psa=0&format=300x600&url=https%3A%2F%2Ffirmmy.ru%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644412283895&bpp=4&bdt=1608&idt=4&shv=r20220207&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfb4b5b44372b1508-224cfeb837cd0090%3AT%3D1644412283%3ART%3D1644412283%3AS%3DALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw&prev_fmts=0x0&nras=1&correlator=8273005555282&frm=20&pv=1&ga_vid=438301637.1644412283&ga_sid=1644412283&ga_hid=1315923705&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1178&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C21066432%2C31062423%2C31064729&oid=2&pvsid=4489433568365852&pem=70&tmod=1649943740&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OX7joxzvTV&p=https%3A//firmmy.ru&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:11:25 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:11:25 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4B63 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 04 Feb 2023 13:11:25 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 4B63 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 04 Feb 2023 13:11:25 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 4B63 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=dsMGPCnKpeYt52X76tChbZCpJQH-EBE6VDUvB0kxDMPKuitMR6J1dsO0-iCkt0YNHXAHsMYevrCd7p2hhRvUEi7w_gnuD34mfDuWltNI35gBDGe56pdiU30Ti5PJXF8jIq85RscQdeW4-OeJFWSFadxX5AbCeXj7Ox2HMF1UErEv8dISKnfLyh-2qR_p4Ft73QMgekBp6z4tRCRKKDmfO1La0rcdrdvy41_8ZvToImGbvSKbL8V7cZ3u-4J4fQcMwk_vSvs9xxlua8C_qYbpD6cDBYx4--retnxLevDIbVTeSjSmUxoIyzT-_U6c_1MT9eJ7E0HkQ1qbBeN3KwdhjHczLOopu1zcj_bvNvSivQ-ZKNJc9e8hfXPyX6CxJXeCrILpN25EjNvU7QPfM0dY7xChbfFb2sKBFKWlkNCZ5HgmoOrQUWpe8vbzzqnwz_ta6T_ZWw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:25 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5908965
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4B63 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1315012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BV%2FP7G4UH7tV4kbkqCSoRVETkpZ3ou3YxE1Yuxm0Z6GeJyGE%2Fwq0%2B%2BRAs9rtq0SaPN9BHyOgFRBxxpB7wbM3hktvy1QEfpcFhuaeiHXBDDB8MezSTo2J4lf%2FR8kQJBXKWrpkNCRDNYFskVoBi9fQiJk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dad57f21b8768f2-FRA
expires
Mon, 30 Jan 2023 13:11:25 GMT
animejs.js
static.criteo.net/animejs/ Frame 4B63 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:11:25 GMT
img
pix.eu.criteo.net/img/ Frame 4B63 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=38616&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38616%2F220131%2F6a4ad2c721f9487eb041a8422eb31528_img_square_1.jpg&v=3&w=1200&s=ymhRJIQCl37JSay6jUDYkfYT
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
99d3686def05651d9aade77458dc857144d0cf85e189aa6b00ab6e0c2717b976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30401026
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
311230
expires
Fri, 27 Jan 2023 09:55:12 GMT
img
pix.eu.criteo.net/img/ Frame 4B63 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=38616&q=80&r=0&u=https%3A%2F%2Fmedias.maisonsdumonde.com%2Fimage%2Fupload%2Fimg%2F2-sitzer-gartensofa-aus-kunstharz-und-metall-schwarz-1000-9-20-208956_1.jpg&v=3&w=400&s=p41T8Zf0ThHq5UZEBTq1qufr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bc22de691991393f740593f96e76b4d07424348128a02467b84ed058e063913c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30495594
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4324
expires
Sat, 28 Jan 2023 12:11:20 GMT
img
pix.eu.criteo.net/img/ Frame 4B63 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=38616&q=80&r=0&u=https%3A%2F%2Fmedias.maisonsdumonde.com%2Fimage%2Fupload%2Fimg%2Foutdoor-kissen-aus-rot-und-weiss-gestreiftem-stoff-45x45-1000-13-16-167378_1.jpg&v=3&w=400&s=-a6Z8_NcXdwl_NdFpCAawXOt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
381d3119b1af53eac56bcd661d7181644bb018c612b6c40df6f5c28229dd700c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:23 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30348385
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8706
expires
Thu, 26 Jan 2023 19:17:49 GMT
img
pix.eu.criteo.net/img/ Frame 4B63 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=38616&q=80&r=0&u=https%3A%2F%2Fmedias.maisonsdumonde.com%2Fimage%2Fupload%2Fimg%2F3-sitzer-gartensofa-massive-akazie-schnurgeflecht-mit-ecrufarbenem-kissen-1000-8-12-208989_1.jpg&v=3&w=400&s=2Wnp8iUUmHiNh4B7YbZR-koH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5383b6a11a033ad65e8b1bfcdbe3d550d803063397e0042044facae08036288f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31443444
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3302
expires
Wed, 08 Feb 2023 11:28:50 GMT
img
pix.eu.criteo.net/img/ Frame 4B63 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=38616&q=80&r=0&u=https%3A%2F%2Fmedias.maisonsdumonde.com%2Fimage%2Fupload%2Fimg%2Fmodulare-3-sitzer-gartenbank-aus-akazie-mit-ecrufarbenem-kissen-1000-6-10-208987_7.jpg&v=3&w=400&s=jOjzmIfCHxtCNQQQNgZWjqop&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
efd7d1868b762482878aff4681f9ab32e807880ad2d99d9d5f76bc2b996be1c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30340479
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4642
expires
Thu, 26 Jan 2023 17:06:05 GMT
all
csm.eu.criteo.net/ Frame 4B63 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vdRK-HeVREJesCdKltQEKxSKUWJEHvLRoUdqb7ZHwXpm13ebOEaSuvHBi8mkn6N104VmAfJtQbgqd7bgivtmM0w9o16PZyEj-FyBmtAOeCXUM993bEaBrao0v1SlYu7KwKObA8awF3MqE4m5gcDqcxmyVu9sCVa4NlnLR7us4RjA0EvuimgN4kQ_83vv-zUKaoEpZq6sUGFntCk9oxe_9fLhKnTEza3-ixIvwNV2TieasuY18rmupotcQU7svzhyiEHREw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Feb 2022 13:11:25 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:11:25 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4B63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 13:11:25 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 13:11:25 GMT
css
fonts.googleapis.com/ Frame 4B63 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat+Alternates:400%7CMontserrat:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
695a9ac7fff52ad378d518a2d6e3509f5419e3ec6c19d5487bf7795b1b66c741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 12:37:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Feb 2022 13:11:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Feb 2022 13:11:25 GMT
truncated
/ Frame A007 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8febf9a161e1636533c99bf4919ccd18a43c238cd2b9a8b2e25083b81c67c26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ Frame 4B63 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat+Alternates:400%7CMontserrat:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 06:04:00 GMT
x-content-type-options
nosniff
age
112046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 06:04:00 GMT
mFTvWacfw6zH4dthXcyms1lPpC8I_b0juU0566fQ.woff2
fonts.gstatic.com/s/montserratalternates/v16/ Frame 4B63 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserratalternates/v16/mFTvWacfw6zH4dthXcyms1lPpC8I_b0juU0566fQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat+Alternates:400%7CMontserrat:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek,latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d24bdc67d21e9bbc0ad7e665b3a575adf886dbfbaf751f8fdd8cdfe36b777fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 21:51:42 GMT
x-content-type-options
nosniff
age
573584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20220
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:10:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 21:51:42 GMT
all
csm.eu.criteo.net/ Frame 4B63 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vdRK-HeVREJesCdKltQEKxSKUWJEHvLRoUdqb7ZHwXpm13ebOEaSuvHBi8mkn6N104VmAfJtQbgqd7bgivtmM0w9o16PZyEj-FyBmtAOeCXUM993bEaBrao0v1SlYu7KwKObA8awF3MqE4m5gcDqcxmyVu9sCVa4NlnLR7us4RjA0EvuimgN4kQ_83vv-zUKaoEpZq6sUGFntCk9oxe_9fLhKnTEza3-ixIvwNV2TieasuY18rmupotcQU7svzhyiEHREw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgO9fAAK6VsKd_sDAAWn83ka3DeMO9D35wX-Xw&u=%7CR5jgzQ8jWZaiKixsvy%2FuPLg256vq27CPu3%2BT7lITz9Q%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKVcY9Eef9QuVKMH5U-Jxy6X4GmmGRwJSY0-UK4nohPNjneLLJFPqOOclC_h5OnjAZ1ZZ2RtRLW3OovwJC58mk-l3adcHlydrhTqrCX_AYfsfy3JWDHCfJWqTDWDJgBdrZUZaJ2pmOSYjX4cNjwwqkF0dE7cD-fen02bYadZmrMgFWm5p7w-stTCodQC9L5jXUV1qM-aWf5hTzuTtUHYD9cks-cjZkGHhuxQqINXZxepLwQLjTK34h0rM5pEKFH0UbdnjAiprQLGWaS6xeylsAolQuMxpfwuReb7cT5DmLyUmIaVi7DkoMAD_oiv93pcMt_DuKPQg7xwL5tHfH2bOKnUtbGAvoB_coQo_F-aUSsN7axWgMR7L5A7ksPdIPtks5UWh2Q5EQqeKp6auhKj-kYjpML6F9nKhfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChHrMfL0DYtvSK4P23wPzz5bwBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTAxMTQ4NzcwMzA1NzAwNKAB1bbS6gPIAQmpAkHFWs4CKrM-qAMBqgTWAU_Q4yKHVivj4n3D-oMqxK5FAN69yXeH8DYBsaXN-KRyHbsDr3jqwups5NTdKmpHAgapLnCbDEYKAXTXdOyYMj69bo_mpAXryHYSqlWJJs6225d0ihCjho5Kr3iYNmhCZK02JBxhmHcAEdv-rpOqCwdhcx8T4OvtXq2N4nOlWYh0oPlOka-Z3lDLcpcf6h8nQ5sweC7G-3QemBkEZwnN8vIr9afwxQN-YuuqwBTS5ryIwRlE6iuSEXJl-K0x59NlepvtujfRGfn7yPSyNyNZ_N_0haUfl-mABqmPkMDcpOCzxAGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Xa3iPiGT9sUUFf3cyyeKR3lhq0g%26client%3Dca-pub-1011487703057004%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Feb 2022 13:11:26 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame A007 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDhOWeozYy6dTdVpRU4zXIlHFv0WvQ7UkR_AV0TJjCJwmVDcHnKtA1sblrpZJ5rjNUdjwVXcfebElHxBFpQ8Ob&sig=Cg0ArKJSzHACQ2mKQ1QOEAE&cid=CAASF-RoxyP8_E8VAiBASo2z-_hG7l5PPkMf&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3303088774&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644412283913&rpt=1195&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Feb 2022 13:11:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| thickboxL10n object| StyleFix object| PrefixFree undefined| $ function| jQuery function| gtag object| dataLayer function| jQueryLoaded_head_123 function| jQueryLoading_head_123 string| ajaxUrlFlatPM boolean| duplicateFlatPM string| untilscrollFlatPM string| $GK_PAGE_URL string| $GK_TMPL_URL string| $GK_TMPL_NAME object| $GK_MENU function| flatCM_random function| jQueryLoaded_ping_meh function| jQueryLoading_ping_meh function| jQueryLoaded_footer_123 function| jQueryLoading_footer_123 function| ym string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| tocplus object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign string| StopWidgetClassName string| FixedWidgetClassName function| Widget function| getWidgetContainer function| get_sibilings_offset function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| queryElements function| initPlugin function| onDocumentLoaded boolean| duplicateMode string| untilscroll function| ff object| flat_body object| flat_stack_scripts object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear string| flat_dateMonth string| flat_dateDay number| flat_dateHours number| flat_dateMinutes object| flat_userVars function| parseHTML function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_randomString function| flatPM_random function| flatPM_sanitizeUrlParams function| flatPM_getAllUrlParams function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_ping function| flatPM_setSCRIPT function| flatPM_setHTML function| flatPM_video object| flat_pm_arr function| jQueryLoaded_flatpm_123 function| jQueryLoading_flatpm_123 object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| imgLoader function| LazyLoad object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| google_user_agent_client_hint object| Ya object| yaCounter38812170 object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| yaContextCb number| google_lpabyc function| setCookie function| getCookie function| createGeoRestrictionCookie function| _classCallCheck function| _defineProperties function| _createClass function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| ownKeys function| _objectSpread function| _defineProperty object| vztromState object| pcodeJsonp541130DnF27MFyE number| pr object| __activeTestIds object| __pcodeAllActiveTestIds function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| AMP object| $sf object| yaSafeFrameAsyncCallbacks

29 Cookies

Domain/Path Name / Value
.firmmy.ru/ Name: __ddg1
Value: kC1JhHajYVU0EaxqTKw2
.firmmy.ru/ Name: _ym_uid
Value: 1644412283402077088
.firmmy.ru/ Name: _ym_d
Value: 1644412283
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3201593051fake
.firmmy.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2664385629fake
.firmmy.ru/ Name: _ga
Value: GA1.2.438301637.1644412283
.firmmy.ru/ Name: _gid
Value: GA1.2.685217012.1644412283
.firmmy.ru/ Name: _gat_gtag_UA_159385586_5
Value: 1
.yandex.com/ Name: yandexuid
Value: 8776119941644412283
.yandex.com/ Name: yuidss
Value: 8776119941644412283
mc.yandex.com/ Name: yabs-sid
Value: 1958969471644412283
.yandex.com/ Name: i
Value: Q1nJK7sk8PbNARVOAmYLCdd1clOs5Xt1V17mcyRwKXwH6Uh0BdsEqaCUjcJS1aCYzd+xk3KuNA8dy3FMGII1IJvV5M8=
.yandex.com/ Name: ymex
Value: 1675948283.yrts.1644412283#1675948283.yrtsi.1644412283
.firmmy.ru/ Name: __gads
Value: ID=fb4b5b44372b1508-224cfeb837cd0090:T=1644412283:RT=1644412283:S=ALNI_MZT9GjjFHjrOKP1HEZZiavV63ONcw
firmmy.ru/ Name: flat_r_mb
Value: %2F%2F%2F%3Adirect
firmmy.ru/ Name: __oagr
Value: true
.yandex.ru/ Name: i
Value: 90slh6QIrnOKDBK46bb3LGYpFkPtWBVf0/Ufribhv2/37j9Eec21gybgYztN+eLtdIauL94lb/UuFUfJvIMYIE5xpHU=
.doubleclick.net/ Name: IDE
Value: AHWqTUm5HEnIopPCY0tB74rkXMF6x6gEdfsKzpvPuhmwlC3M6sYbREwXcBSqhUsnXu8
.quantserve.com/ Name: d
Value: EA4BCQGzJYEA
.quantserve.com/ Name: mc
Value: 6203bd7d-b5235-9e81f-0f233
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: YgO9fctZo.0aCcFXBPdQYAAA
.casalemedia.com/ Name: CMPS
Value: 3270
.agkn.com/ Name: ab
Value: 0001%3AK%2FUzI6XALpZQWsc%2F%2BX3BedRA17L0KBCt
.agkn.com/ Name: u
Value: C|0CEAplnn9KZZ5_QAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: AF202038-92FD-4CF7-AFA3-AE34A9219134
.casalemedia.com/ Name: CMPRO
Value: 1116
.casalemedia.com/ Name: CMST
Value: YgO9fWIDvX0A

2 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9544.1o8Wq8v-SVBsIykUBy3M7atbwuSxjOdu81oXI-0AHVUsa8zfR23xM3eLlfO2aFEDbz1fEO7nv0xiKNDzbhiHcg%2C%2C.SpL35aV6Pzj0yyJ2My5TwYVqEIQ%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgO9fctZo-0aCcFXBPdQYAAABFwAAAIB&google_cver=1&google_gid=CAESEBa2_PnCzkSTNNPnwnoxovQ&google_push=AYg5qPKwVuManAlDRe_DgIAOLYIZvn7I8ByISbE8uRwM4EkI6rkdU7KQTTDNSpUkYsqBnI0gXBrazteNRFJh3hcwpunYJfNxBxpj
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000 max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cmp.optad360.io
cms.quantserve.com
csm.eu.criteo.net
d.agkn.com
firmmy.ru
flowpubdom.info
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.nl.eu.criteo.com
rtb.openx.net
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
cm.g.doubleclick.net
141.95.66.118
142.250.185.226
178.250.0.139
178.250.0.160
178.250.0.162
18.196.159.27
185.178.208.137
185.64.190.78
2600:9000:21f3:b800:11:a4de:2580:93a1
2600:9000:21f3:c200:6:b871:4f00:93a1
2606:4700:3036::ac43:c772
2606:4700::6810:125e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2001
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a02:2638:1::2
2a02:2638::18
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
35.186.253.211
69.173.144.138
019e1fd78881c04f9a1e2ce9bd4deb062d47ace22d22c99827f86c5365198d11
08dc037656a1ce396ec500fee851b35a446f9fb1e9c5ab02633d0323b784e26f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beac6af012cc23ebb42d176fee5a2b9c7fcab41516ed80b1a4b9a2d89a90dc5
0da8085d57aa6099f076e2ba9123120d9384de0d4802e801aba4a934cb05fb9d
13ba85eda30823547bc3addcfadc6ab87aa31a98aac8be455b6c26ef150c7180
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
1a3b5a7309795ce5074336c8af2539e54db3e269c622807e0b17764132c2c043
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
28ad17b26f50e4c7d283c1885fc063c6778767a88c07895f46231c9ab190eec0
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
3450998ae77b36a762e359eeef25d5e0f136851ee74d91cc113c1a1507194e06
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3731a5e7bf08aab7a41a2e6dc16b88778713cec13cf801024a8cdadeaa641769
37383302f266cd5f6fcfd6afaad866b12fe6f2ffe8f573cafe7abe6f56a4dbe2
381d3119b1af53eac56bcd661d7181644bb018c612b6c40df6f5c28229dd700c
3ca4a0508ae59b637d4256ff00dcddf9371cb5924c7c2d738e07d33cd39406b0
41d3f042818f9db5e686f713cfd762e1d8d06069719e20235a30a4830a6a3a6f
43e841d8a4433172f42e66ad1a1458562767d545c76f6fb78a372876b07a49f0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447d485c6330ebf422a36adcc01dc26b14f6f56d4f034db0485354d43909896a
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5146cf29ec886a276c1c6b07b7913e5fe93431df369cdc89d9428dda20c8b155
5383b6a11a033ad65e8b1bfcdbe3d550d803063397e0042044facae08036288f
542f86d78ca6d54dca42d1e043a21805791b1c3b34c88fa762710d77b83b7e54
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
67c683ed3aaf8ea716780b930b8406d6eefda02a54e5529ab746cc348eb44611
6853bae6f6612d9e88c33ad5d529167d73a78d6caee8bcf608cd32e4fcee17b3
695a9ac7fff52ad378d518a2d6e3509f5419e3ec6c19d5487bf7795b1b66c741
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6a75df83fe7f28ee17ba42cc1d025e53e90003de46eeb477007e22de6e8b0289
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d34a4f3ace362e694f47ed0467e35f8d795a1572379c1e8cd4e7a08c6a079f0
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f8c3697403d8872e1408dccfee5e1baf04ee413843d3877d08f9e253629d380
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
7d6ee4cd997e19b2c72b80813c6cbeb3fad524294767171761b025f972df7889
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87390e3de16005f190690b63207f94cf3f4915226a5e223c21cf82773f2848bb
87eeb1e408b929d69e5b0d906816e49e785cf8221058ba118139e67580c8b79a
8cf6fb3596812e04b6196edaa7e9bafa4db8c0466097ca36d47affe7c0b42f6f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
930124552aa17834161dafbac8b547a32decd1d56ac37935395d0388ede9f048
951a5c997b3b12610508f216a15b644719e735334666668f9d841a90ea3b876f
993b4d8096a0323d191ca132df844c919ae2e64c628d4cf06fab3a8239a4ef0e
99a09e7b3878385e8cc748bed8563d3bb2fe18526dc5451497ea44c61c9f203d
99d3686def05651d9aade77458dc857144d0cf85e189aa6b00ab6e0c2717b976
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e7efce7893330540d129ea699ed3c3e3d5e1f29356b08cb5f4e9c7ee95f9ff4
9e8bb58838c2ff9e45fcb8b53531aaff8d51d16235a0c8f458d00f09928cbc74
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
b2b5b0cf4ff501b8e6ec281bd5f6a6237eb1845e93b4a6d1cc47d7a189afc9f8
b66041a0d8c2d8af985a7cc6d8e7aade7409ad851baf148945553d3ca722db97
ba1657857df8aa4973eeb4bae27c84e5dd02178d25453538da8e107cdd65c5c6
bb91e553b3c05a05be37e20d7766e29956cfd83cbbe9717a7b2bd2fa5c019963
bc22de691991393f740593f96e76b4d07424348128a02467b84ed058e063913c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c68634c96b301afe3bd377fb99a99424180dcc820cb6657c100bf5b0291f1b2c
cb60adc04c1b2c07459c5a3fe3cffee40b2139f78410a058483709e56a0f436d
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
d24bdc67d21e9bbc0ad7e665b3a575adf886dbfbaf751f8fdd8cdfe36b777fed
dd37f14bbb83e6ff6b7fabee523eecc9dbc9a97fab3978d60ee6d777b00d6673
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3669242e12b808e0ce9e35db1b347b28eba3f2ed7b72dc5d88ac3f3ede6b835
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8febf9a161e1636533c99bf4919ccd18a43c238cd2b9a8b2e25083b81c67c26
ea89c6147fc29dc5de2e9a6c6dabf662062033354e50a4543864e43d376863c4
ec9b505d408320ac9245cea94a0025472f9a72ea5365edb89b97d2ccfea56f34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd7d1868b762482878aff4681f9ab32e807880ad2d99d9d5f76bc2b996be1c1
f413cde9665e11362340e783180dd02b71545121e66433d183bf166d9931e52e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f71da6a3ba0bc94f340f1690b658cbb27859d2c747b0245ecd1d6d5e4ba5d0e3