allnum.ru Open in urlscan Pro
95.142.44.62 Public Scan

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

6da5e39a70fd2bbcf7e158e17f97bcaad47fb069e5374c695214f392dd86c45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Jul 2023 17:24:43 GMT
Server: nginx/1.16.1
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Jul 2023 17:24:42 GMT
Location: https://allnum.ru/en/search-v2
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked

GET
H/1.1 200
OK style_new_21-06-12en.css
allnum.ru/ 35 KB
36 KB 133ms
132ms Stylesheet
text/css 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://allnum.ru/style_new_21-06-12en.css?t=34

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

6979b513da20fbeed598c54dfb59fb2c2df5d24c791eeb3cb21ec25e537de45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/en/search-v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Sun, 28 Feb 2021 00:38:44 GMT
Server: nginx/1.16.1
ETag: "603ae614-8d58"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36184

GET
H/1.1 200
OK script.js Show response
allnum.ru/ 6 KB
6 KB 134ms
133ms Script
application/javascript 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://allnum.ru/script.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

577ad8b5424958a17fec1467558ad0a1af21768f95d52ad142de2d17ad582c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/en/search-v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 07:13:02 GMT
Server: nginx/1.16.1
ETag: "5201f37e-1660"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5728

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 154ms
71ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0114134640042423

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10ddebe5e9f1daf932b00f6ee24291ef4dfd8ff931a2138c23e9c42d8ca61bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Origin: https://allnum.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48820
x-xss-protection: 0
server: cafe
etag: 2641595192763099843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:43 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t39.3;r;s1600*1200*24;uhttps%3A//allnum.ru/en/search-v2;hFind%20who%20owns%20this%20Number.%20Reverse%20Phone%20Lookup.;0.13146946476334342
https://counter.yadro.ru/hit?q;t39.3;r;s1600*1200*24;uhttps%3A//allnum.ru/en/search-v2;hFind%20who%20owns%20this%20Number.%20Reverse%20Phone%20Lookup.;0.13146946476334342

138 B
624 B

142ms
142ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t39.3;r;s1600*1200*24;uhttps%3A//allnum.ru/en/search-v2;hFind%20who%20owns%20this%20Number.%20Reverse%20Phone%20Lookup.;0.13146946476334342

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

b1c0070da6cc6b7aa4f35ae070bcb2630cb51bf127018e8bd3e810b51ff81b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 17:24:44 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 138
Expires: Tue, 05 Jul 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t39.3;r;s1600*1200*24;uhttps%3A//allnum.ru/en/search-v2;hFind%20who%20owns%20this%20Number.%20Reverse%20Phone%20Lookup.;0.13146946476334342
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 05 Jul 2022 21:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 114ms
32ms Script
text/javascript 2607:f8b0:4020:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 16:16:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4109
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 06 Jul 2023 18:16:14 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 57 KB
22 KB 141ms
57ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08a5ec9edca6cb577f2d4645c3c640f9b07bc456d38aea4708a0895bc36233a9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 17:24:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "7d28a237276f1398"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:43 GMT

GET
H/1.1 200
OK sheet_s.png
allnum.ru/images/ 1 KB
2 KB 133ms
132ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/sheet_s.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

22f77fffa38d27d66bbab048785f211550fec15d383431b84765c7629a7e6610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:25 GMT
Server: nginx/1.16.1
ETag: "520201a5-55f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1375

GET
H/1.1 200
OK sheet_h.png
allnum.ru/images/ 286 B
570 B 134ms
132ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/sheet_h.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1ba5feea17e5fed4142153fa6558bd22f797e495ae31a61a21629f5050157358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:25 GMT
Server: nginx/1.16.1
ETag: "520201a5-11e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286

GET
H/1.1 200
OK sheet_v.png
allnum.ru/images/ 213 B
496 B 402ms
134ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/sheet_v.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7f87722d7893aedb360627f1b846d70b7870e0e3910b59609a02216e7aa72738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:25 GMT
Server: nginx/1.16.1
ETag: "520201a5-d5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 213

GET
H/1.1 200
OK post_s.png
allnum.ru/images/ 79 B
361 B 403ms
134ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/post_s.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

4583be7d53b5e12fe95309854dcf32792f01f96b109964293458d75d8d316985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:24 GMT
Server: nginx/1.16.1
ETag: "520201a4-4f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79

GET
H/1.1 200
OK post_h.png
allnum.ru/images/ 78 B
360 B 401ms
133ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/post_h.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9caed9fb63d5022468301ffd36a420fffea07fb237ec28022631224bbd0d487b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:24 GMT
Server: nginx/1.16.1
ETag: "520201a4-4e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78

GET
H/1.1 200
OK post_v.png
allnum.ru/images/ 81 B
363 B 403ms
135ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/post_v.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7a8231dc929cd870ed4318e353b8703501d61a427f30d7f42446d8b92a68e0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:24 GMT
Server: nginx/1.16.1
ETag: "520201a4-51"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81

GET
H/1.1 200
OK post_c.png
allnum.ru/images/ 203 B
486 B 253ms
131ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/post_c.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0fe3d377e1b6647d3eeb1000fbfd0e053823b76dd6d4f5b64339a322afc4a3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:24 GMT
Server: nginx/1.16.1
ETag: "520201a4-cb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 203

GET
H/1.1 200
OK postmetadataheader_bg.png
allnum.ru/images/ 96 B
378 B 255ms
132ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/postmetadataheader_bg.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ec7dcc5cb883f7119b788060a9b5c79ab983c03e34b23172444512a9dbf5bd24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:23 GMT
Server: nginx/1.16.1
ETag: "520201a3-60"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96

GET
H/1.1 200
OK footer_s.png
allnum.ru/images/ 214 B
497 B 389ms
133ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/footer_s.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

20cd3fe4517ab99dce049295ebac9d818dd926cbf8af3656382001597a08be5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:21 GMT
Server: nginx/1.16.1
ETag: "520201a1-d6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 214

GET
H/1.1 200
OK footer_b.png
allnum.ru/images/ 87 B
369 B 386ms
132ms Image
image/png 95.142.44.62
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://allnum.ru/images/footer_b.png

Requested by

Host: allnum.ru
URL: https://allnum.ru/style_new_21-06-12en.css?t=34

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.44.62 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0edaa38627d4ea3f2a35fd9c90fe2506ed3ac63d4452b6ded7b7e71623545618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/style_new_21-06-12en.css?t=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 17:24:43 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 07 Aug 2013 08:13:21 GMT
Server: nginx/1.16.1
ETag: "520201a1-57"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
118 KB 143ms
76ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0114134640042423

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d24880101539cbb700be67f0a62b2c78f8cf5b4020aaa9af33322acb5eaa451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121015
x-xss-protection: 0
server: cafe
etag: 17661902012165147212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/ Frame 9F0C 10 KB
5 KB 114ms
32ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0114134640042423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 58013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 01:17:50 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 01:17:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
198 B 53ms
51ms Image
image/gif 2607:f8b0:4020:805::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1223193229&utmhn=allnum.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Find%20who%20owns%20this%20Number.%20Reverse%20Phone%20Lookup.&utmhid=57098493&utmr=-&utmp=%2Fen%2Fsearch-v2&utmht=1688664283695&utmac=UA-31583255-1&utmcc=__utma%3D84753865.1442770687.1688664284.1688664284.1688664284.1%3B%2B__utmz%3D84753865.1688664284.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=225103275&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/ 157 KB
157 KB 33ms
32ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5o5-TAFr18s.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_qgszOsFrBH7bZ1Rmfwa9Mc03wLQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8f21a056e4cd847f1e7473be6c0d2ffa216a09d8ba1fa5ba5d1ea7de726de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 16:26:31 GMT
x-content-type-options: nosniff
age: 521892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160632
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 16:26:31 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 152ms
57ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=allnum.ru&callback=_gfp_s_&client=ca-pub-0114134640042423

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14989760a120b90ae8078f73aa5183395cd7491574ff8c336387b2afc4875925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 142ms
56ms Script
application/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=allnum.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35A2 461 KB
94 KB 1754ms
1754ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0114134640042423&output=html&adk=1812271804&adf=3025194257&lmt=1688664283&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fallnum.ru%2Fen%2Fsearch-v2&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688664283619&bpp=6&bdt=353&idt=276&shv=r20230628&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5454685619467&frm=20&pv=2&ga_vid=1442770687.1688664284&ga_sid=1688664284&ga_hid=57098493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075645%2C31075831%2C44788442%2C44789818&oid=2&pvsid=16435508083803&tmod=1796404640&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e63098f1df9ee581526e088dea77bfb542512992048a256a069407ecc33b90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 96681
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:45 GMT
expires: Thu, 06 Jul 2023 17:24:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00F7 30 KB
12 KB 1372ms
1371ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0114134640042423&output=html&h=280&slotname=8768719457&adk=1164656272&adf=1677878930&pi=t.ma~as.8768719457&w=1062&fwrn=4&fwrnh=100&lmt=1688664283&rafmt=1&format=1062x280&url=https%3A%2F%2Fallnum.ru%2Fen%2Fsearch-v2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688664283625&bpp=3&bdt=360&idt=310&shv=r20230628&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5454685619467&frm=20&pv=1&ga_vid=1442770687.1688664284&ga_sid=1688664284&ga_hid=57098493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=269&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075645%2C31075831%2C44788442%2C44789818&oid=2&pvsid=16435508083803&tmod=1796404640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4XFCw6k0cG&p=https%3A//allnum.ru&dtd=318

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9789fb3c99cbf614b2c73e68e7bdff0eaf40a9c47c9291aa9eff19c12ade563c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:45 GMT
expires: Thu, 06 Jul 2023 17:24:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 00F7 3 KB
1 KB 137ms
37ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0114134640042423&output=html&h=280&slotname=8768719457&adk=1164656272&adf=1677878930&pi=t.ma~as.8768719457&w=1062&fwrn=4&fwrnh=100&lmt=1688664283&rafmt=1&format=1062x280&url=https%3A%2F%2Fallnum.ru%2Fen%2Fsearch-v2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688664283625&bpp=3&bdt=360&idt=310&shv=r20230628&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5454685619467&frm=20&pv=1&ga_vid=1442770687.1688664284&ga_sid=1688664284&ga_hid=57098493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=269&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075645%2C31075831%2C44788442%2C44789818&oid=2&pvsid=16435508083803&tmod=1796404640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4XFCw6k0cG&p=https%3A//allnum.ru&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 00F7 20 KB
9 KB 133ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00F7 179 KB
57 KB 199ms
74ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 00F7 0
0 61ms
61ms Fetch
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfD5W2_imZLvmPKSQhQbLxJjYA5yB77Bc0vi3nZ0BwI23ARABIABgoQKCARdjYS1wdWItMDExNDEzNDY0MDA0MjQyM8gBCagDAaoE0AFP0A7dHGOXTMsDqqeUTTTqzWH50JEqLVBycxkqcWYhIi3W3Y5oSENwEDQ1bJc9hPgwDKQhxVreMqvcK_KH8cLzNbqVvV9V8yJO-0RIrEMYXc0Ki1rkPIjLklHrT4zO-fvdnDXHf1uteTWyrT02BYWmbrlvBYSIBLemUdcpH9NRQygnUq345BEQi0jruVgyvHO8uWCPT6aGMDnSWgl_OgIZIvL2a_gl6Ytl7JC6s0Dqgbawd-ndVJAj26cu6tEc-ck8xR8kME04OHXmXPv4eOCugAaIoe6vy9Woq4QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wMTE0MTM0NjQwMDQyNDIzGAA&sigh=Y5CA442Swes&uach_m=[UACH]&cid=CAQSGwBygQiDBgD9hfXNkfGX_VpA4fv6PrBqItJ9GBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0114134640042423&output=html&h=280&slotname=8768719457&adk=1164656272&adf=1677878930&pi=t.ma~as.8768719457&w=1062&fwrn=4&fwrnh=100&lmt=1688664283&rafmt=1&format=1062x280&url=https%3A%2F%2Fallnum.ru%2Fen%2Fsearch-v2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688664283625&bpp=3&bdt=360&idt=310&shv=r20230628&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5454685619467&frm=20&pv=1&ga_vid=1442770687.1688664284&ga_sid=1688664284&ga_hid=57098493&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=269&ady=186&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075645%2C31075831%2C44788442%2C44789818&oid=2&pvsid=16435508083803&tmod=1796404640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4XFCw6k0cG&p=https%3A//allnum.ru&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 17:24:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 17:24:45 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 00F7 0
0 102ms
31ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOmHDc36RKYImALiIp0XAgAAAAioqwkRAl2yENz4pmT36nRQSvs0K93_AAASAAAKCkFRVUJDZ0VCQ2c&wp=ZKb42wAPMzsKwUgkAAYiS-r1cld-yvI25PSlJA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 249220
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 02AB 224 KB
60 KB 171ms
105ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZKb42wAPMzsKwUgkAAYiS-r1cld-yvI25PSlJA&u=%7C8ryJI5MhmHJsplhXQlBXI4BW8r3VZdVMyGS2nmq2HH0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3al3jxWhVXyQ8dPNd1o4JRrAp9nUSYcLS4XrBjJYYg6MIx2dXUVsEezZLAtzWD7LwzuKCqM4OlaoNkYpm-E4XmxgpYhixkM4nNvBLjTJ2LHkSSvIXhmnq4h2mdOYlJh4gQWhxnRsP2-KN21FzbOp-WJ80EzqAkiwT_Ln7ThE0ML6qJb_GWyRyVT9t18e86kSo3ue6J_FV55SsTn7Vl0F6IBhHoUXqhM1f3iWoXEmNh6ak8gvcL2sWfzRp5rP3VocL0g_wz8IHVSrR8nicbiKlbStoCOpJ87tSNQEtakAyVcXAV2qOCrT5QwXOPZYAIk8qs9zwcc5_jpP4GcOxEdARRIvTkMGSmDPo8wfZ0fAHCwl_MFuP_8JOPGZWo61nZLRaKD_0cKxFjLwm-d7w7QboPm2ZHAIljbCNyHH05HCayEBNzMjcnVtflRp47E4aiKt-hbRgOscul_C5fo14W411OQLe2bNsg_R8-M5ragKxiaUpiTvLQPD2oJuv4PLKasCXgA_ZMg-Ftb7zU18neTh9I_eEf5TFtqrD4DZg_gQTYAkA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcAl72_imZLvmPKSQhQbLxJjYA5yB77Bc0vi3nZ0BwI23ARABIABgoQKCARdjYS1wdWItMDExNDEzNDY0MDA0MjQyM8gBCagDAaoE0wFP0A7dHGOXTMsDqqeUTTTqzWH50JEqLVBycxkqcWYhIi3W3Y5oSENwEDQ1bJc9hPgwDKQhxVreMqvcK_KH8cLzNbqVvV9V8yJO-0RIrEMYXc0Ki1rkPIjLklHrT4zO-fvdnDXHf1uteTWyrT02BYWmbrlvBYSIBLemUdcpH9NRQygnUq345BEQi0jruVgyvHO8uWCPT6aGMDnSWgl_OgIZIvL2a_gl6Ytl7JD4sWB4KkQ5dypUORzIoS7tXe008OckAYTXSsTxhmvKRFIu6eBtSvf1gAaIoe6vy9Woq4QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32F_8f3pzTV0wf2sRnRihSI40uNA%26client%3Dca-pub-0114134640042423%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0f8b71e9560dfeb955510c248dd64c5005ac813cabdb156833c1b0a60fa90019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=BPRBNgdalLsTb-W5WQG0NyO1IBMlg2nDxHtyd5SHTb6tkFF6DhAT_XwB0lV1mgu4Apsht0DqacWpGvl2jbCLlP4vmQx-Msf7x0yXUqlg8lh9wv5NqIAzlQ-5vX0pOUgq_RxKI-oTPP-BBZJ5U5L80a9XId-G8p3Wc1dSeIZd7YO6Q-ueH40C2Gdq3_RtEw4nj8wNnpI4fUXz87NGjcDvrOfAa-dS_ZAp1SZiJe0oXVcsGgK-HNQzVvWvh3XM7FWpfO0ntg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58179079
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 00F7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efa5986594f96f4a9f7bf70a09253b84362ad4a0f669b6d9ae9c9a805a6e2ed5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 66ms
66ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js?bust=31075831

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d99e0a7d78f6318c9962cf5dddb8ee74cc6814cfa0e6d4900a041224cfc2ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53427
x-xss-protection: 0
server: cafe
etag: 5277186979262418356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 02AB 2 KB
1 KB 103ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZKb42wAPMzsKwUgkAAYiS-r1cld-yvI25PSlJA&u=%7C8ryJI5MhmHJsplhXQlBXI4BW8r3VZdVMyGS2nmq2HH0%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE46jlJVEZly3al3jxWhVXyQ8dPNd1o4JRrAp9nUSYcLS4XrBjJYYg6MIx2dXUVsEezZLAtzWD7LwzuKCqM4OlaoNkYpm-E4XmxgpYhixkM4nNvBLjTJ2LHkSSvIXhmnq4h2mdOYlJh4gQWhxnRsP2-KN21FzbOp-WJ80EzqAkiwT_Ln7ThE0ML6qJb_GWyRyVT9t18e86kSo3ue6J_FV55SsTn7Vl0F6IBhHoUXqhM1f3iWoXEmNh6ak8gvcL2sWfzRp5rP3VocL0g_wz8IHVSrR8nicbiKlbStoCOpJ87tSNQEtakAyVcXAV2qOCrT5QwXOPZYAIk8qs9zwcc5_jpP4GcOxEdARRIvTkMGSmDPo8wfZ0fAHCwl_MFuP_8JOPGZWo61nZLRaKD_0cKxFjLwm-d7w7QboPm2ZHAIljbCNyHH05HCayEBNzMjcnVtflRp47E4aiKt-hbRgOscul_C5fo14W411OQLe2bNsg_R8-M5ragKxiaUpiTvLQPD2oJuv4PLKasCXgA_ZMg-Ftb7zU18neTh9I_eEf5TFtqrD4DZg_gQTYAkA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcAl72_imZLvmPKSQhQbLxJjYA5yB77Bc0vi3nZ0BwI23ARABIABgoQKCARdjYS1wdWItMDExNDEzNDY0MDA0MjQyM8gBCagDAaoE0wFP0A7dHGOXTMsDqqeUTTTqzWH50JEqLVBycxkqcWYhIi3W3Y5oSENwEDQ1bJc9hPgwDKQhxVreMqvcK_KH8cLzNbqVvV9V8yJO-0RIrEMYXc0Ki1rkPIjLklHrT4zO-fvdnDXHf1uteTWyrT02BYWmbrlvBYSIBLemUdcpH9NRQygnUq345BEQi0jruVgyvHO8uWCPT6aGMDnSWgl_OgIZIvL2a_gl6Ytl7JD4sWB4KkQ5dypUORzIoS7tXe008OckAYTXSsTxhmvKRFIu6eBtSvf1gAaIoe6vy9Woq4QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_32F_8f3pzTV0wf2sRnRihSI40uNA%26client%3Dca-pub-0114134640042423%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:45 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 02AB 2 KB
1 KB 106ms
38ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 02AB 308 B
636 B 102ms
37ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 30 Jun 2024 17:24:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 02AB 293 B
621 B 103ms
38ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 30 Jun 2024 17:24:45 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 02AB 43 B
348 B 110ms
36ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=u-Nj7GdH02nrEadw42YdVD3p90QinhQwT1YRt_IqO8Jm93QRcXywrspKVYCv3kERV3YnmilbF-l3gF0QkMOFKjRN1BR9Lv-xHUaucdeoqNGtS94PyehzmWmLvjdDR5Luxo0EJHrubJbhf9auKwbYlUcDkbIUItszdplLpCfMPUP3juCa8hKYs_URCXC9BNpADXBXixQMTvceH7cYzJ8AWKtmVkn-WaZVmU1lzufMxrJmH45r9Z_md8EiLB6vbrLD3TnjS-2tobI33ZCBOqyiuibLe3sa2Lb9F9cjUxXuIH3B4XvqQq7gcyJ6PYSmCyXtSivsczNwhccfirTfsZZuQ_3XzMFCJCWXkkqqmN959NiBBcuYtW_cu_L5uS6foug8aCTCW5cTIrTKpqrcoCPWEBCouNye390vxGnXShFLEJuPNdcy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4135141
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B24217808.274313803;dc_pre=CIChptfM-v8CFaK0swodRzMOlA;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=64a6f8dc1b724dc01bcc7a82dc5256ff;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/ Frame 02AB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=64a6f8dc1b724dc01bcc7a82dc5256ff;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CIChptfM-v8CFaK0swodRzMOlA;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=64a6f8dc1b724dc01bcc7a82dc5256ff;dc_la...

42 B
119 B

53ms
52ms

Image
image/gif

142.251.32.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CIChptfM-v8CFaK0swodRzMOlA;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=64a6f8dc1b724dc01bcc7a82dc5256ff;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Protocol

Server

142.251.32.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CIChptfM-v8CFaK0swodRzMOlA;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=64a6f8dc1b724dc01bcc7a82dc5256ff;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 02AB 12 KB
5 KB 103ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5870578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR2aSILsOBR7jNQ7axZ5HNx2zsWmvcxSEiu7kpcHMh3RgddvTpV93qNZkEebbs2FCXGpG5qteFBJJYvYe37IYqgxLA405DR5x7WSbxuNERds4iooeGEWxAoi9t%2FgWRqnf15gA1iGfICSIOdxrJ88xfs1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e298b0b5e62d15f-BUF
expires: Tue, 25 Jun 2024 17:24:45 GMT

GET
H2 200 58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff
static.criteo.net/design/dt/ Frame 02AB 24 KB
24 KB 123ms
61ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

e9fdc188060ed6e1f88c478d14ec18de88aa08f8a04920a03c707b158b91bb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Dec 2018 15:42:02 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c09434a-5e6c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 02AB 12 KB
6 KB 67ms
47ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 3 KB
3 KB 361ms
29ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=25144&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F25144%2F200701%2F49c7fdefdb4a4feebd2bf14922e3bf51_relaterentals_core_logowht.png&v=3&w=196&s=iFfU9Beo6eEL90Gh8tsfxEeq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3fa4f43228c9cce7b14ffd2a41e944d9a3f01e667d1cfdf64bbd5385efbc1a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3383
expires: Fri, 14 Jun 2024 05:11:42 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 51 KB
51 KB 366ms
35ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-05%2F500-lake-shore-apartment-interiors3_2.jpg%3Fh%3Da0ee1e3c%26itok%3DAEmpKRxL&v=3&w=800&s=a2mfdJb9N4RQCxFIZqJpgsK4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

250e0cd1cf4861646b11fd92ce7b2497f465282f138e081d32ee6a320b76d245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 51860
expires: Thu, 13 Jul 2023 00:36:40 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 53 KB
53 KB 393ms
62ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2018-12%2Fwestminster-kitchen_7.jpg%3Fitok%3DJSV91iI6&v=3&w=800&s=HS-hyv8GWU0dQqRTaj7Tjjy0&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7149bd7c99d8c9ef3236b905219ededcbaac7677bea7655ae8a64df98778f48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 54514
expires: Sun, 16 Jul 2023 21:29:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 139 KB
139 KB 457ms
126ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2019-12%2FMason-on-Mariposa-2bed-bedroom_20.jpg%3Fitok%3DB4El3QPD&v=3&w=800&s=ktUvPayi256N6O_SwuoWyLFa&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

cc566cc17e6333ea74a493aa3a4e630c938d48a12291603bb7464d3694fb8ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 141852
expires: Tue, 18 Jul 2023 19:58:13 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 51 KB
51 KB 441ms
111ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-12%2Ftate-nyc-studio.jpg%3Fh%3D25e404c5%26itok%3DTr7am9x5&v=3&w=800&s=yFOiS_GCWvv8lVUA1_qJEvb4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

83ee74925c3089cfd2261d99c61808effc9fb54847df1b7d7af7ce84ababcb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 51818
expires: Fri, 14 Jul 2023 21:14:10 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 41 KB
42 KB 447ms
116ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2019-01%2FOne-Bennett-Park-Chicago-05-Master-Bedroom_0.jpg%3Fh%3D34d25fc5%26itok%3DmROej3Xl&v=3&w=800&s=6yA-8yhxFL6lkPRyZe7AN9-M&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

dc92f10ad5ae6c0838a6488125e3d58bf3c20431efdce5b4f1372611ff9b7b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 42392
expires: Mon, 17 Jul 2023 21:01:34 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 115 KB
116 KB 130ms
128ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2020-06%2FPH1D-190227_LJW-LivingRoom-01a_0.jpg%3Fitok%3DLALb1lP-&v=3&w=800&s=0GRAw2_Wn1EUCv_le9fEp_Il&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

357363943fed1a6433788f1ba5927dddc2b5ea8ff07d70a1540acfce44b59de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 118006
expires: Fri, 07 Jul 2023 21:09:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 38 KB
38 KB 134ms
133ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-12%2F1-the-westport-nyc-bedroom_0.jpg%3Fh%3D4cf2dbe7%26itok%3D3ZCtq6zl&v=3&w=800&s=Wpr8CVMGrY8a9LLP1nt-Spcj&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a1be00b8fc413352dea1ba07605fb0c5e94fd970f37a1db0e81552090c06fc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 39142
expires: Tue, 11 Jul 2023 20:03:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 16 KB
16 KB 129ms
128ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2020-06%2F5C-190124_LJW-Kitchen-01c_2.jpg%3Fh%3Dfbba1660%26itok%3DNjYiK--r&v=3&w=800&s=QfKa9V725iYjxp5E9TSnmjzy&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e13dd9e58e147afde62b4e30cf6843651b41a6cda11520d0282f4328c0aaa70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 15982
expires: Wed, 12 Jul 2023 09:49:44 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 02AB 74 KB
74 KB 130ms
130ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2018-12%2Fwestminster-bedroom-1-B_9.jpg%3Fitok%3DC0ciVavn&v=3&w=800&s=hghgvWmuc9dUO5FKjwGLH6rK&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4201b34a0bb95e7e9c2c862be65fb897e0e762668c4c6bb963ab466a39f07248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
content-length: 75894
expires: Thu, 06 Jul 2023 23:22:56 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 02AB 0
128 B 357ms
28ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=BPRBNgdalLsTb-W5WQG0NyO1IBMlg2nDxHtyd5SHTb6tkFF6DhAT_XwB0lV1mgu4Apsht0DqacWpGvl2jbCLlP4vmQx-Msf7x0yXUqlg8lh9wv5NqIAzlQ-5vX0pOUgq_RxKI-oTPP-BBZJ5U5L80a9XId-G8p3Wc1dSeIZd7YO6Q-ueH40C2Gdq3_RtEw4nj8wNnpI4fUXz87NGjcDvrOfAa-dS_ZAp1SZiJe0oXVcsGgK-HNQzVvWvh3XM7FWpfO0ntg&sds=2&rev=87360&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Jul 2023 17:24:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 02AB 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 02AB 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 59ms
58ms Script
application/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=allnum.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/ Frame 8656 10 KB
4 KB 29ms
28ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 12:08:59 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 12:08:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/ Frame EB90 10 KB
4 KB 30ms
30ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 12:08:59 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 12:08:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/ Frame AE3E 10 KB
4 KB 37ms
33ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 12:08:59 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 12:08:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/ Frame 6DCC 10 KB
4 KB 36ms
35ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 18947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 12:08:59 GMT
etag: 12368291122986407432
expires: Thu, 20 Jul 2023 12:08:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8656 4 KB
1 KB 244ms
60ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 15:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8656 205 B
651 B 207ms
25ms Image
image/png 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 02:56:06 GMT
x-content-type-options: nosniff
age: 138520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jul 2024 02:56:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8656 604 B
695 B 207ms
26ms Image
image/png 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:08:31 GMT
x-content-type-options: nosniff
age: 62175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jul 2024 00:08:31 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame 8656 14 KB
6 KB 35ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 01:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6331
x-xss-protection: 0
server: cafe
etag: 18044331813203521086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 01:05:20 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame 8656 20 KB
9 KB 42ms
40ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:47:34 GMT

GET
H2 200 playfairdisplay-400.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame 02AB 1 KB
760 B 29ms
29ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c7-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:46 GMT

GET
H2 200 playfairdisplay-700.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame 02AB 1 KB
761 B 30ms
30ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

811b6e679ed2a18fb5696054a5386869bef195c0dcdd045f623dc19530216741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:46 GMT

GET
H2 200 playfairdisplay-400-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame 02AB 19 KB
20 KB 55ms
50ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:22 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c6-4d94"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:46 GMT

GET
H2 200 playfairdisplay-700-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame 02AB 20 KB
21 KB 39ms
39ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c16f06e6edabd22d2c5c9d9b87260eca6faf706400dea89876de323480750489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-51e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:46 GMT

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame EB90 9 KB
4 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Oct 2023 19:00:23 GMT

GET
H2 200 369d21e23798e41a4bd263e83a9ef671.js Show response
www.gstatic.com/mysidia/ Frame EB90 10 KB
4 KB 41ms
41ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 12:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 20:20:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 12:02:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EB90 14 KB
1 KB 55ms
52ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 16:11:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame EB90 2 KB
892 B 44ms
42ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame EB90 23 KB
9 KB 45ms
42ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame EB90 3 KB
1 KB 51ms
48ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame EB90 20 KB
8 KB 45ms
43ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB90 179 KB
56 KB 66ms
64ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame EB90 33 KB
14 KB 26ms
24ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 08:15:33 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame C80D 89 KB
34 KB 505ms
122ms Script
text/javascript 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUAU4D25&ydspr=1

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

72021b192a3e30362bd698b8a994542b308411e1c767a4747f50d148cd0fb6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-mnt-h: 21-gzkn
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 06 Jul 2023 17:24:46 GMT
server: Apache
etag: "d9f546d492b9f139ab3b9d6297ba2c68"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-k3t2
timing-allow-origin: *
content-length: 34484
expires: Thu, 06 Jul 2023 17:29:46 GMT

GET
H2 200 release-20230329-99-adperformance.js Show response
warp.media.net/rtb/resources/ Frame C80D 71 KB
25 KB 175ms
43ms Script
application/javascript 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

UploadServer /

Resource Hash

529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Thu, 06 Jul 2023 17:24:46 GMT
x-guploader-uploadid: ADPycds6U0Jo4wphPIhtjIW_zYBSRGl4DaYR8mmv3X8vDsvZc4J6hNP-8h-rCoQQ2vqQYFUrAe-DorkIvupepnYQoZk4JCSPIv54
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25080
server: UploadServer
etag: "821663833b8f83b3092ebbca9ed4a6f2"
vary: Accept-Encoding
x-goog-hash: md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type: application/javascript
x-goog-generation: 1680095338448196
cache-control: max-age=3600
x-goog-stored-content-length: 73074
expires: Thu, 06 Jul 2023 18:24:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame C80D 3 KB
1 KB 51ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame C80D 20 KB
8 KB 48ms
35ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C80D 179 KB
56 KB 84ms
60ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6DCC 0
0 103ms
92ms Fetch
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1wrH2_imZMm0O4mlhQap0YTIBpmc3r1w587jk8gRZBABILbtkxhgye6Oi8CkjBCgAayvqfkCyAECqQLJOsViMDyyPqgDAcgDyQSqBN0BT9DuNFmBiWxfh5X-XxSHX_cSB7yxS0AVt5ql09QX9FwhE2Gx9RHdomx9fjo0DBnbEdtHMdEFF6FiQhRlqKaE0S3gHu_zwV7Jan4INfoPRNccVzyBYEm03kOvV9CwSk3gA7etatiH_Thy_UjJlGmp3Jvz8P_IwcOV6S27weG8xEiPgoYk_ntN4SqfPUOug_7kVzmmpbSZbHGZh1hDN5KDyI3oQUs3paeT_px3snbvaSwv6ox5uVyk2tkKLs-JwU0P0_fP8Bt7yBmxvjOuJxEMoOuyBZ5tPF2QJLr3WZDABMzJja3KBJIFBAgEGAGSBQQIBRgEoAYCgAe80NaGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMqdCNIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTAxMTQxMzQ2NDAwNDI0MjMYAA&sigh=YzNRHU1JAWc&uach_m=[UACH]&cid=CAQSGwBygQiDrX7K0J5C7J-QML_2qsuPlIN-L6FA1RgB

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 17:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 6DCC 23 KB
9 KB 43ms
32ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7AF 143 B
166 B 35ms
28ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:25:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 6DCC 3 KB
1 KB 50ms
40ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 6DCC 20 KB
8 KB 42ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:16 GMT

GET
H3 200 14729116490469722010
tpc.googlesyndication.com/daca_images/simgad/ Frame 6DCC 22 KB
22 KB 58ms
50ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14729116490469722010

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54b7eaf3090a33e8f855bf7739a5b789e74ab5c9cfc24467ea0ea623f8c56b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:20:33 GMT
x-content-type-options: nosniff
age: 543853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22226
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 07:22:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jun 2024 10:20:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DCC 179 KB
56 KB 95ms
89ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 6DCC 33 KB
13 KB 47ms
41ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a808c83496c6a828ff758fedadde6845177d7cfe0e958e6942c231b13a3ed81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13558
x-xss-protection: 0
server: cafe
etag: 12990281777216906770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:13:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 91DD 14 KB
1 KB 58ms
54ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 17:05:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 91DD 2 KB
892 B 45ms
45ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 91DD 23 KB
9 KB 45ms
42ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 91DD 3 KB
1 KB 49ms
46ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 91DD 20 KB
8 KB 45ms
42ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:10:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91DD 179 KB
56 KB 151ms
147ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 17:24:46 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 91DD 33 KB
14 KB 35ms
31ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 08:15:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 57AA 143 B
166 B 36ms
35ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 16:25:49 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6DCC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffb28bd6040558b288a775d318dbf68de279e4c485352f5cab3027f902f72705

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
50ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:46 GMT
expires: Thu, 06 Jul 2023 17:24:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1997305006706444999/ Frame EB90 4 KB
4 KB 152ms
151ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1997305006706444999/14763004658117789537?w=300&h=300

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d7e199b84860dd5d019cf285b7d79bbfcd573a52a2e78aa54183cc5ffa3ba48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4309
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 13:04:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jul 2024 17:24:46 GMT

GET
DATA 200
OK truncated
/ Frame EB90 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e457fa76c52a23b23f1b15cbf999967d68b8f173f914c8588318597627c0096

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 57AA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:47 GMT
expires: Thu, 06 Jul 2023 17:24:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EB90 0
19 B 61ms
61ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSxUs2_imZMe0O4mlhQap0YTIBpLsuKRs4bal89APh9aN9ZIOEAEgtu2TGGDJ7o6LwKSMEKAB4r-h4gPIAQGpAmf3lYTJLKk-qAMBqgTYAU_QpQFwsTWZtoeQhQNKE9qgDCW9J2Et70ZzufM2Ibfy8291NNyBBljNQ2BOCGvtm8mQYVhB5pUjSP_pyDKsdDwkWVBAnSepPAnhV3k9kDbONX77kEUfTZH4ERniYw8JxKTbwSef5cg8IDaPvIyljNCXG9zLIQ-4I-xX_rg5FtPZZazP5x-B7RIlL_RDd3zjcOSX1LsXj034ZUko_zPJEEcEnlQL_sumCOe6UpmtGVvHenUDi13mOdaJKe4W5UaYPr9Tlz1z0Y9j_lSTJA1GiJgJokaZzZnr8sAEhqTyv4cEkgUECAQYAZIFBAgFGASAB4bA3h2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDXhgPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0wMTE0MTM0NjQwMDQyNDIzGAA&sigh=cmbSCzkpK3M&uach_m=[UACH]&cid=CAQSGwBygQiDrX7K0J5C7J-QML_2qsuPlIN-L6FA1RgB&template_id=5001&vis=1

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 17:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame FB9C 37 KB
14 KB 29ms
28ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: allnum.ru
URL: https://allnum.ru/en/search-v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 17:59:41 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00F7 42 B
175 B 51ms
50ms Fetch
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulMUAddRi34nY7hoT-0k58_HBQFYhJimssMumGBlUzl9R8euWnGHUcczh5uEjv9iWeL1Sm9Ieb3ua1CVXhYZE67fLr&sig=Cg0ArKJSzHhZbpjIVE2mEAE&id=lidar2&mcvt=1001&p=0,0,280,1062&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1164656272&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688664283946&rpt=1899&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame C311 74 KB
29 KB 304ms
303ms Document
text/html 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUAU4D25&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

c49be289b2e89bae32d7529dda0e09e5a0a1fb716fa4c973247e5f5bfa24e091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 29454
content-type: text/html
date: Thu, 06 Jul 2023 17:24:47 GMT
expires: Thu, 06 Jul 2023 17:24:47 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-882m

GET
H2 200 bping.php
lg3.media.net/ Frame C80D 35 B
178 B 115ms
68ms Image
image/gif 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2512&&vgd_cdv=1010&vgd_cage=0&vgd_tsce=L186&vgd_mcf=60412&gdpr=0&prid=8PRVCXX19&cid=8CUAU4D25&crid=536632528&vi=1688664286767683340&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785089&r=1688664287160&rrr=tzR-hLcl-L_Um4rbu6LG1Rb6srKxmsSt1R6BkJE4l2Gq4WYVGJDSWw%3D%3D&requrl=https%3A%2F%2Fallnum.ru%2F&vgde_bdata=~G-MjJzvuAuW~GwEv9~G8Ov9.uu9~G-M1QzvhuF~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRuioAX~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuF9-F99~G-M7Y1-vfH9~G-M7YjMQxkk8-vS~N875vRPssKTa~NUMkjv9~ONvyNEoxQoBJQ7uoG~OYYMOuv9~OYYMOu9vh~OYYMOufvu~OYYMOuHvX~OYYMOuXvu~OYYMOuFvA~OYYMOuhvH~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9X~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfivu.99~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfvu.99~OYYMOXFv9~OYYMOhv9~OYYMOWvh~OYYMjv9.9Xi~OYYMYuv9.uui~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.Wuh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.uXX~OYYMYfv9.9hf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAAv9.9fW~OYYMYAHvu.999~OYYMYAXvu9H99.999~OYYMYAFvu9H99.999~OYYMYAhvh.999~OYYMYAWvh.999~OYYMYAivuui9F.uui~OYYMYH9vuiu9Af.999~OYYMYHuvHA.hWf~OYYMYHfvufAh.999~OYYMYXv9.iHi~OYYMYXuvu9H99.999~OYYMYXfv9.WF9~OYYMYXAv9.fWF~OYYMYXHvX.999~OYYMYXXv9.uuh~OYYMYXFvX.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.WFu~OYYMYivu.999~OYYMLv9.f9u~JMLEYv9.uui~JLEYv9.uui~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvPb~LM8EvfF9fokkNWo999fo9999o9999o9999o9999o9999~LMQNvI3~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~Q7Ov1QB8k7M9MwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9HW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.WF~EmQvu~N7Lvf.hXHXFW4oH~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.uu9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGo9uuHuAHFH99HfHfA~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vXX~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Gxkk1jm%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1688664286144721900&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUA8FX86&vgd_hb_audit_2=516394027&vgd_pgid=p0640505754t202307061724&vgd_pgids=1&vgd_uspa=0&hvsid=00001688664287155016112663488754&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 06 Jul 2023 17:24:47 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 06 Jul 2023 17:24:47 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2A77 27 KB
10 KB 160ms
160ms Document
text/html 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUA8FX86&prvid=99%2C77%2C20000%2C2033%2C294%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

fea5ae371f22342f20c15844adfadc384d398615c577d82246e1fa1cb1c2aecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9754
content-type: text/html; charset=UTF-8
date: Thu, 06 Jul 2023 17:24:47 GMT
expires: Sat, 08 Jul 2023 17:24:47 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame C80D 35 B
193 B 109ms
64ms Image
image/gif 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5927&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUA8FX86&reqid=l2m14ovEZc7a7_f-j47KLA&vid=l2m14ovEZc7a7_f-j47KLA&dn=allnum.ru&rawDn=allnum.ru&pid=8PR113JGC&ugd=4&fleet=ebda&requrl=https%3A%2F%2Fallnum.ru%2Fen%2Fsearch-v2&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=NY&ct=buffalo&zip=14202&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-ebda-57bdcb8548-qpgjf.OR&dtc=west_or&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=716&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AEH8YCgmNbJwnj4MiB84ssQ7UtHEsqqs2JzcA2ZQsb0a_cAyGWvAk01Ykga4tLdAfmoLVPvu&pexid=ADX-pub-0114134640042423&geoll=false&is_ortb=false&s_ip=172.253.254.1&s_city=dallesport&commit_id=4eba8bef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-07-06+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&rtttime=35&req_tid_present=false&pvid=462&prvAccId=536632528&prvApiId=8CUAU4D25&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=516394027&prspt=headerBid&prvReqId=3966927163969_896182691_51639402714621&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.110&cbdp=0.048&og_cbdp=0.110&ogbdp=0.11&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.048&dt=O&dbf=1&epc=536632528&s=1&snm=SUCCESS&pcrid=8CUAU4D25-536632528-27-9&tpbTkn=false&exid=220&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=86&slotVisibility=1&adpos=1&iframingState=0&sbdrid=99&exp=sce%3D1%7CssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1688664284119&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807684000160060000059500&strg=HARMONY&stagid=aswift_0_host&pgcatiab=IAB19-35&pgcatiab2=627&pgcatsprig=1234&vls=0&scrid=1700080807684000160060000059500&mang=1&pvdTmax=249&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apPrfs%3C%3E=60%23%2365%23%2313%23%234%23%2310&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUAU4D25&mx_SPRIG=1&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUA8FX86&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=2&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=abf156c1d6&ydsp_bucket_id_entity=137&ydsp_bucket_name_entity=Control+A&ydsp_test_id_entity=43&acid=29bc0f7c37e04d6bad533fbf9b267da5&rtime=8.0&wsip=mowx-59f5bd7bb8-4rk67&ltime=25.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=cid_abk_div&mowxReqId=29bc0f7c37e04d6bad533fbf9b267da5_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=2.754568E-4&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=aswift_0_host&feedback_id=l2m14ovEZc7a7_f-j47KLA&supplyTagId=1812271804&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&actltime=26&mp_seg%3C%3E=100049%23%23100050%23%23100053%23%23100057%23%23100058%23%23100059%23%2360699%23%23100066%23%23100069%23%2360711%23%23100087%23%23100088%23%23100110%23%23100092%23%2360461%23%23100099%23%2360878%23%23100108%23%2360699%23%2360711%23%2310000904%23%2360461%23%2317191%23%2360878&debug_ts=2023-07-06+17%3A24%3A44&__expireat=1688664884373&mview=1&rme=adm&bdata=~bx_len%3D1318~bhp%3D0~bid%3D0.110~bx_asn%3D716~bx_exp%3D0.5~bx_ginsu%3D0~bx_iab%3DIAB19-35~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010000~bx_size%3D160x600~bx_tmax%3D240~bx_tml_suffix%3D%2F~city%3DBUFFALO~ck_fl%3D0~dc%3Dgcp-us-west1-b~dmm_d1%3D0~dmm_d10%3D7~dmm_d12%3D1~dmm_d14%3D5~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D4~dmm_d18%3D85~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.05~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D2~dmm_d29%3D1.00~dmm_d3%3D0.5~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D1.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D7~dmm_l%3D0.059~dmm_m1%3D0.119~dmm_m10%3D1.000~dmm_m11%3D0.967~dmm_m12%3D0.817~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.000~dmm_m16%3D0.155~dmm_m2%3D0.072~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m33%3D0.028~dmm_m34%3D1.000~dmm_m35%3D10400.000~dmm_m36%3D10400.000~dmm_m37%3D7.000~dmm_m38%3D7.000~dmm_m39%3D11906.119~dmm_m40%3D191032.000~dmm_m41%3D43.782~dmm_m42%3D1237.000~dmm_m5%3D0.949~dmm_m51%3D10400.000~dmm_m52%3D0.860~dmm_m53%3D0.286~dmm_m54%3D5.000~dmm_m55%3D0.117~dmm_m56%3D5.000~dmm_m57%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.861~dmm_m9%3D1.000~dmm_r%3D0.201~e_rpm%3D0.119~erpm%3D0.119~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DUS~r_ip%3D2602-ffc8-0002-0000-0000-0000-0000-0000~r_sc%3DNY~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3Daswift_0_host~std%3Daswift_0_host~vbr%3D0~visibility%3D1~cbdp%3D0.048%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_0_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_0_host%7Eviewability%3D0.86%7Epos%3D1%7Ectr%3D2.754568E-4%7Eac_type%3D1%7Eadblk%3D1812271804%7Eamp%3D1%7Eogbid%3D0.110%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison12%7Esobp%3D%7Exid%3DADX-pub-0114134640042423%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Edcut%3D55%7Edogb%3D0-1~ibc%3D1~&utime=3052&sf=0&cpr=0.3988676177132837

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 06 Jul 2023 17:24:47 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 02AB 0
127 B 30ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Jul 2023 17:24:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F2D 37 KB
14 KB 29ms
28ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 17:59:41 GMT

GET
H2

200

cksync
cs.media.net/ Frame 2A77
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzMxNjY1ODg3NjYzNDg5NzAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESECrKcfqoQVNJPkuvtd5oQDo&google_cver=1

61 B
455 B

271ms
251ms

Image
image/gif

23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESECrKcfqoQVNJPkuvtd5oQDo&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUA8FX86&prvid=99%2C77%2C20000%2C2033%2C294%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-44-18.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 06 Jul 2023 17:24:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESECrKcfqoQVNJPkuvtd5oQDo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 2A77
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e4e2b6eb-b02e-4382-9a1b-790f362caf68

61 B
459 B

159ms
159ms

Image
image/gif

23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e4e2b6eb-b02e-4382-9a1b-790f362caf68
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUA8FX86&prvid=99%2C77%2C20000%2C2033%2C294%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-44-18.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 06 Jul 2023 17:24:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e4e2b6eb-b02e-4382-9a1b-790f362caf68
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H2

200

cksync.php
contextual.media.net/ Frame 2A77
Redirect Chain

https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
https://contextual.media.net/cksync.php?cs=1&ovsid=5a8cd071-c54c-4770-ba97-163d233421ec&type=loop&gdpr_consent=null&gdpr=0

61 B
475 B

252ms
252ms

Image
image/gif

23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&ovsid=5a8cd071-c54c-4770-ba97-163d233421ec&type=loop&gdpr_consent=null&gdpr=0

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUA8FX86&prvid=99%2C77%2C20000%2C2033%2C294%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Protocol

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 17:24:47 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 06 Jul 2023 17:24:47 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=1&ovsid=5a8cd071-c54c-4770-ba97-163d233421ec&type=loop&gdpr_consent=null&gdpr=0
date: Thu, 06 Jul 2023 17:24:47 GMT
server: _
content-length: 0

GET
H2 200 bql.php Show response
lg3.media.net/ Frame C311 15 B
162 B 112ms
110ms Script
text/javascript 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6138&&vgd_canary=0&vgd_l2type=scs_newfl&fp=TvwWansLTeuDWoIPCoTDajjp8KFbQnaXH6EFi5vucPK43k3lsRgXnoQ7uwJRkkMkF9HwjfuXHV4DnnwvWInUnUuVybALdIV2kd1w0IoOHIVBQIZmbciuKLXToTw8ISae&cme=pRwXyCAvHpA91UvDSKH8litineXrKsjX-1HyJu0YgOdOC9muat2qjgLV-eVBbNX-qz-Gyu1wEz-k0wGpD-nVytW0hNdanNTgxAOexbcOkRXp-GH2usJgvMTKYFTbb2O2ZxGwkHaYWYiv6a1oqQFqECXuyVZCOAhHEAU0yNNsAg-7vpPpSXfXLjIXtk15_edhuuXd6CejCPPR9FpsAodNAnBMtSMh8HR3wETODk_p4r_vyCC3lPrjPQ%3D%3D%7C%7C1o6OFOzSGkAwCBv8bnoGWmNheSSmmVMG%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD4nDpP3ckJgROSscHwUN5CvpFiKdfCAmgHzhz5gMv9VwA%3D%3D%7Cvw4clRgv0B5oNQFuA3cbf0llmbFbEAeeotc6O2fNpKv4sdTVmW0GelXxw0uDKLlrzAVLo1hRBlEm3JuWKMfl9jW_C7taQb3ZJn20ZlfHfyNAu99Bt1bohCpYKVYdGAY1tC2NM3qIx2ELXMf0TpCIziIej0kLQ2ARcZI7bGaxQwPOKDGzqZRIEb8MZnK67XgIEGIVir7pTTZDHzOcU33ShuRw8bKgmIH3f7ZSHymPDy7s-Puh3v9ZwsPruRf68zi7Ubq9JfZyT9Raa3puKJTOYNHZiXDeu2CvuWS7Tm_S-84%3D%7Cu8A6SM53vAdVCSnFbDK289CZE0ezXjKq%7C&subBdr=99&bdrid=462&ksu=224&fdkt=265&vgde_kbbh=ffoyxQJuO&kwd[]=Phone+Lookup+by+Name&kwt[]=265&kbc[]=20332&kwp[]=1&kid[]=138932762&kbc2[]=60%3D0.80%7C10%3D0.08%7C63%3D0.00%7C53%3D0.75%7C12%3D1.65%7C62%3D0.71%7C80%3D1.07%7C1%3D0.97%7C2%3D2.25%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D265%7C23%3D0.0350%7C24%3D797%7C25%3D0%7C22%3D0.0017%7C7%3D0.0008%7C8%3D070517%7C9%3D0%7C11%3D0%7C26%3D4612%7C27%3D47%7C13%3D0.0873%7C14%3D070611%7C15%3D0%7Cr%3D7%7Cir%3D1%7Ciid%3D1768131%7Cps%3D0.731&ktd[]=4503876149575936&kwd[]=Best+Cell+Phone+Signal+Boosters&kwt[]=265&kbc[]=20332&kwp[]=2&kid[]=315807111&kbc2[]=60%3D0.55%7C10%3D0.08%7C63%3D0.00%7C53%3D0.42%7C12%3D0.81%7C62%3D1.32%7C80%3D2.01%7C1%3D1.20%7C2%3D2.92%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D265%7C23%3D0.2801%7C24%3D0%7C25%3D0%7C22%3D0.0282%7C7%3D0.0004%7C8%3D070517%7C9%3D0%7C11%3D0%7C26%3D380%7C27%3D8%7C13%3D0.0958%7C14%3D070611%7C15%3D0%7Cr%3D15%7Cir%3D1%7Ciid%3D4674272%7Cps%3D0.731&ktd[]=4503875327492352&kwd[]=White+Pages+Phone+Book&kwt[]=265&kbc[]=49569&kwp[]=3&kid[]=30754679&kbc2[]=60%3D0.89%7C10%3D0.08%7C63%3D0.00%7C53%3D1.11%7C12%3D0.51%7C62%3D0.81%7C80%3D0.74%7C1%3D0.66%7C2%3D1.13%7C5%3D-1%7C6%3D-1%7C16%3D-1%7Cbkt%3D265%7C23%3D0.5984%7C24%3D0%7C25%3D0%7C22%3D0.0282%7C7%3D0.0005%7C8%3D070517%7C9%3D0%7C11%3D0%7C26%3D56%7C27%3D0%7C13%3D0.0863%7C14%3D070611%7C15%3D0%7Cr%3D16%7Cir%3D1%7Ciid%3D1634413%7Cps%3D0.731&ktd[]=4503875344269568&kwd[]=Best+Ways+to+Whiten+Teeth&kwt[]=655&kbc[]=null&kwp[]=4&kid[]=49046364&kbc2[]=&ktd[]=&kwd[]=Top+3+Stocks+to+Buy&kwt[]=655&kbc[]=null&kwp[]=5&kid[]=321206339&kbc2[]=&ktd[]=&v=1&geo=42.88%7C-78.88&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774883&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Gxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CUAU4D25&vi=1688664286767683340&vsid=3316658876634829&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L186-S186&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUA8FX86&vgd_hb_audit_2=516394027&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=47591&vgd_nrrmf=3000c80a&vgd_nrrsf=scrr&vgd_cty=buffalo&vgd_ifrmode=14&sttm=1688664287155&upk=1688664287.17812&hvsid=00001688664287155016112663488754&verid=3111299&sbdrId=99&tsrc=entity&vgd_l1rakh=1688664286144721900&vgd_ecrid=1700080807684000160060000059500&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%227JQ7VO4z7875%22%3A%22HA%22%2C%22GxNUJ7VO4z7875%22%3A%22uAh%22%2C%22GxNUJ7I1YJ4z7875%22%3A%22%3Dmz7LmjnK%22%7D&vgd_mcf=60412&vgd_vstrid=3316658876634829&vgde_bdata=~G-MjJzvuAuW~GwEv9~G8Ov9.uu9~G-M1QzvhuF~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRuioAX~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuF9-F99~G-M7Y1-vfH9~G-M7YjMQxkk8-vS~N875vRPssKTa~NUMkjv9~ONvyNEoxQoBJQ7uoG~OYYMOuv9~OYYMOu9vh~OYYMOufvu~OYYMOuHvX~OYYMOuXvu~OYYMOuFvA~OYYMOuhvH~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9X~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfivu.99~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfvu.99~OYYMOXFv9~OYYMOhv9~OYYMOWvh~OYYMjv9.9Xi~OYYMYuv9.uui~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.Wuh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.uXX~OYYMYfv9.9hf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAAv9.9fW~OYYMYAHvu.999~OYYMYAXvu9H99.999~OYYMYAFvu9H99.999~OYYMYAhvh.999~OYYMYAWvh.999~OYYMYAivuui9F.uui~OYYMYH9vuiu9Af.999~OYYMYHuvHA.hWf~OYYMYHfvufAh.999~OYYMYXv9.iHi~OYYMYXuvu9H99.999~OYYMYXfv9.WF9~OYYMYXAv9.fWF~OYYMYXHvX.999~OYYMYXXv9.uuh~OYYMYXFvX.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.WFu~OYYMYivu.999~OYYMLv9.f9u~JMLEYv9.uui~JLEYv9.uui~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvPb~LM8EvfF9fokkNWo999fo9999o9999o9999o9999o9999~LMQNvI3~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~Q7Ov1QB8k7M9MwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9HW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.WF~EmQvu~N7Lvf.hXHXFW4oH~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.uu9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGo9uuHuAHFH99HfHfA~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vXX~OmyGv9ou~8GNvu~&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=143&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=514&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=50&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00001688664287155016112663488754&rc=0&rand=1688664287521&acid=29bc0f7c37e04d6bad533fbf9b267da5&matm=1688664287521&vgd_ltimesrc=1&vgd_ltime=1150&vgd_rtime=1145&vgd_etm=8&vgd_l1hcsd=Ogzkn%7C4407&vgd_l1ch=1&vgd_lhl=1378&vgd_pgid=p0640505754t202307061724&vgd_kclkp_d=%26sgmt%3D100099%252C100066%252C100069%252C100108%252C100110%252C100049%252C100050%252C100053%252C100087%252C100057%252C100088%252C100059%252C100058%252C100092&vgd_csip=rtb-ebda-57bdcb8548-qpgjf.OR&vgd_sbSup=0&vgd_nrrs=47591&vgd_cdv=1010&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Thu, 06 Jul 2023 17:24:47 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Thu, 06 Jul 2023 17:24:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DCC 42 B
64 B 53ms
53ms Fetch
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2qBQVrAygqKg5io3duTyU_wn-Lj3pts47MqeSVNdDk_JxrJTSJcTZUIhH9X-wFMR6z1OCoctkWYl21kRkGtSiSz6L07xMar0srbwwmATKJu6DStGRljBKXfozWAO9v84EvzZezeSGDg&sai=AMfl-YTXyOBl8Jsp7opJIR7LdGD5LGnUFdRJ6Ay3xYKfSsmkUk7TIB5UlfahVBzmf_qg0x6eVla1nAXF9rdn&sig=Cg0ArKJSzBG0daFO9kydEAE&cid=CAQSGwBygQiDrX7K0J5C7J-QML_2qsuPlIN-L6FA1RgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=397,1000,1000,1000,1000&tos=397,603,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688664286059&rpt=593&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB90 42 B
64 B 53ms
53ms Fetch
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnBrPRVZ1l2u7P1QIChJ2vfSeYaamRLDH4ClXj0UtbSzp-YaygK5gdoFrg538sdsfvzqvZSh1-SGWcQDPGOWB7OuhRpDKls80H4UgLAGDEInAL4ZEL5bK0x8wXiDK2HmZjLHfArudmFA&sai=AMfl-YQ0ylh-BQ7dVGPfIGPM2Svr93EX7yuTAEVZm1mc4UPeaPUWPgfS3RKuKe3FKRcnlftHzjoeCndAnna9&sig=Cg0ArKJSzIhqCyzQBbdIEAE&cid=CAQSGwBygQiDrX7K0J5C7J-QML_2qsuPlIN-L6FA1RgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688664286053&rpt=607&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 65ms
65ms XHR
application/json 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230628&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16cdf2fc88bab61c6537befff54bcafc8f32366e211c7c22b6320150dbd0b7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11773
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C80D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ba9213c36940effa469a364455136a6866e97c5eb6cd31d39fb8e4718a795e2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C80D 0
19 B 65ms
64ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAfsr2_imZMi0O4mlhQap0YTIBr6VpK9s99rS06wMwI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItMDExNDEzNDY0MDA0MjQyM8gBCagDAaoEywFP0Dr0WnfjI9svBglmUiUIMmA2MAsoRlJqH3lH-P9aiOKpb2Rhew9l0VD68ZiCZdmO_p1plKg66779DYuxQhlGh8X6YHocLyHTcv-dRAFzy8PeThSbNC0ftbW9827zOSo1pP5H4pmhaETBneFnMOTwbdRKIf1TBbkFSA3gaaIyFC1thRzG9Jfc5nVRrcR-Hj3oowB4tD0XH8_avPlFLcRFGM8uA49Estq6zFrz9H_6Dln74FFKmfT_eHrR_g-zCzWnWcsOx0lkZdlXFYAGh-TGpvOI-skWoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wMTE0MTM0NjQwMDQyNDIzGAA&sigh=YoP7i2n--yg&uach_m=[UACH]&cid=CAQSGwBygQiDrX7K0J5C7J-QML_2qsuPlIN-L6FA1RgB&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 06 Jul 2023 17:24:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 log
hblg.media.net/ Frame C80D 35 B
193 B 38ms
37ms Image
image/gif 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATDM5NjY5MjcxNjM5NjlfODk2MTgyNjkxXzUxNjM5NDAyNzE0NjIxQDI5YmMwZjdjMzdlMDRkNmJhZDUzM2ZiZjliMjY3ZGE1nAcpXI_C9Si8PzxodHRwczovL2FsbG51bS5ydS9lbi9zZWFyY2gtdjIEVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNhJhbGxudW0ucnUSOENVQThGWDg2CA4xNjB4NjAwCjAuMDQ4Dndlc3Rfb3IGQURYCAhudXJsAAAAAAAAgFVAru_gw6ViAjG1yozyZQ0yPzhydGItZWJkYS01N2JkY2I4NTQ4LXFwZ2pmLk9SPjE3MDAwODA4MDc2ODQwMDAxNjAwNjAwMDAwNTk1MDACEDRlYmE4YmVmAmIC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 06 Jul 2023 17:24:48 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame C80D 35 B
296 B 301ms
26ms Image
image/gif 104.117.182.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&dn=allnum.ru&cid=8CUA8FX86&ugd=4&cc=US&sc=NY&ct=buffalo&crid=516394027&size=160x600&iwb=1&ver=9.5.6&requrl=allnum.ru%2Fen%2Fsearch-v2%2F&acid=29bc0f7c37e04d6bad533fbf9b267da5&bidrestime=1688664284119&dc=west_or&totalTime=2448870&totalTimeBucket=2&sat=1&send_erpm=true&other_prv=462&other_bids=0.11&o_id=101&o_ver=NT+10.0&br_id=265&br_ver=114.0.5735.198&seat=462&clisp=rtb-ebda-57bdcb8548-qpgjf.OR&req_id=l2m14ovEZc7a7_f-j47KLA&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&ogerpm=0.0000&ogerpm_used=false&rawbid=0.1100&time_stamp=2023-07-06+17%3A24%3A44&sub_bidder=0&visibility=1&viewability=0.8600&stid=aswift_0_host&itype=adx&pvid_seat=462_462&ckfl=0&mnckfl=0&bdp_wider_bucket=1&adblk=1812271804&app_type=adx_test&cliIP=0&ogerpm_wd_bkt=0-1&advurl=related.investorfocus.net%2F&bdr_typ=2&dmm_l=0.2010&dmm_r=0.2010&dmm_d10=7.0000&e_rpm=0.1190&second_bidder=*&second_bid=0.000000&adtyp=0&gpid_sent=false&bcrid=1700080807684000160060000059500&pst=EMS&zone=b&rc=-1&asn=716&sfm_key=System_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vplcmtt=-1&vcmplrt=-1.0&itype_id=17&wsip=mowx-59f5bd7bb8-4rk67&sc_pvid=462&ogcbdp=0.1100&pbshr=100.0000&bdp=0.1100&bidfp=0.0100&dfpbd=0.0484&cut=56&prdp=0.0484&algo=unison12&capd=0&strg=harmony&dmm_m22=0.0000&server=1&bdp_bucket=0.10&dfp_bucket=0.0&floor_bucket=0.00&erpm_bucket=0.00&erpm_mult=1.000000&current_hour=17&current_day=4.0&dim4=exploration&level_base=0&dmm_m1=2023-07-06+17%3A24%3A44.121909123&dmm_m4=0.0000&search_res=56&log_less=false&dim10=false&as_cache=1&mul_ratio=0.0000&predicted_wr=51.7083&cut_bkt=55&rel_cut_bkt=60&dmm_m9=0.0000&url_l1=en&url_l2=search-v2&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&seat_id=462&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&model_key=generic_adx_2-cid_2&model_version=202307051147_generic_adx_2-cid_2&sd=0&dmm_d36=NA&dmm_d22=0.05&bdmm_m5=0.9490&bdmm_m6=1.0000&bdmm_m7=0.8610&bdmm_m12=0.8170&dmm_ctr=0.0003&ss_d1=0&ss_d2=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.182.27 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 17:24:48 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 06 Jul 2023 17:24:48 GMT

GET
H2 200 6d9c091d-74ab-4b1f-9b3c-e0238d60f4f2.jpg
contextual.media.net/kimg/new/172x86/2/168/158/44/ Frame C311 12 KB
12 KB 121ms
121ms Image
image/jpeg 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/172x86/2/168/158/44/6d9c091d-74ab-4b1f-9b3c-e0238d60f4f2.jpg?v=9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

4a3af107a7e624527af972ce45ddbdd808bc483750fca74858e99051cb3279fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Mar 2018 11:48:56 GMT
server: nginx
etag: "5ab39828-302d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 12333

GET
DATA 200
OK truncated
/ Frame C311 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c12de60e-bbfe-4b26-8362-f3f4a1784054.jpg
contextual.media.net/kimg/new/172x86/2/194/217/79/ Frame C311 17 KB
17 KB 205ms
205ms Image
image/jpeg 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/172x86/2/194/217/79/c12de60e-bbfe-4b26-8362-f3f4a1784054.jpg?v=9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

fbf8fceb62e52779771e0195edb43b218455506ef018fd1d822147b9f0f95ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 10 Apr 2018 08:51:10 GMT
server: nginx
etag: "5acc7afe-42e3"
content-type: image/jpeg
accept-ranges: bytes
content-length: 17123

GET
H2 200 e26ccfd3-8137-440f-bf83-b1516c865265.jpg
contextual.media.net/kimg/new/172x86/4/240/216/136/ Frame C311 12 KB
12 KB 159ms
158ms Image
image/jpeg 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/kimg/new/172x86/4/240/216/136/e26ccfd3-8137-440f-bf83-b1516c865265.jpg?v=9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

63682655d9da795814b3e26413ad95404619bd1a2e23079c480536ff90fc5cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 28 Nov 2019 00:52:39 GMT
server: nginx
etag: "5ddf1a57-2ecf"
content-type: image/jpeg
accept-ranges: bytes
content-length: 11983

GET
H2 404 fallback4.png
contextual.media.net/__media__/pics/8001/03/386// Frame C311 196 B
196 B 204ms
203ms Image
text/html 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/8001/03/386//fallback4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=31536000
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
H2 404 fallback5.png
contextual.media.net/__media__/pics/8001/03/386// Frame C311 196 B
196 B 173ms
172ms Image
text/html 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/__media__/pics/8001/03/386//fallback5.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=31536000
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
DATA 200
OK truncated
/ Frame C311 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C311 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame C311 25 KB
25 KB 130ms
130ms Font
font/woff 23.52.163.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=uH%7C3%7C9*HnA&71=D&333=YWmlstv7ltX(0r36n2tgDm62z3*k0zTYDm2oVEUr7Ng9r!O5gEQT!1%3D%3D&4h=D2~~22rN~2F2F2~iirw&PbL3=w&YzvH=tD~2&vhb=~x(q(rQNe&vLvb=ke3DveGoFvQTBn6IV2CA71%3D%3D&v3hb=ei22iNeN~&zhWH=D2wk2ww&vv=(T&zv=CO&vsZ0=MqmjGCO&Lhb=~IGNFaNoG&YLhb=KEer2TB&sYYLz=D&ZzH=e&nPb=r&SbYD=~x(q~Aa~2&SbYN=eD2iBrwNF&6bSYS=-6kX7HZ%3DDiD~-6sL%3Dw-6hb%3DwyDDw-6kXSzZ%3DFD2-6kXHkL%3Dwye-6kXPhZzn%3Dw-6kXhS6%3DJqoDBlie-6kXhZY0b%3Dw-6kX3s%3DrFQU)L8~Mo-6kX3Lv%3DwwDwwww-6kXzhWH%3DD2wk2ww-6kXY0Sk%3DNrw-6kXY07Xzn..hk%3D%2F-vhYd%3Do(AAqtG-vVX.7%3Dw-bv%3DPvLlnzl1HzYDl6-b00XbD%3Dw-b00XbDw%3DF-b00XbDN%3DD-b00XbDr%3De-b00XbDe%3DD-b00XbD2%3Di-b00XbDF%3Dr-b00XbD~%3D~e-b00XbDB%3DDwww-b00XbN%3DK-b00XbND%3DlD-b00XbNN%3Dwywe-b00XbNr%3De-b00XbNe%3DbH.XbH.-b00XbN~%3DN-b00XbNB%3DDyww-b00Xbi%3Dwye-b00Xbiw%3Dw-b00XbiN%3Dw-b00Xbii%3Dw-b00Xbi2%3DCq-b00XbiF%3DK-b00Xbr%3Dww-b00Xbrw%3Dw-b00XbrN%3Dw-b00Xbri%3Dw-b00Xbrr%3DL3_b-b00Xbre%3Dw-b00Xbr2%3Dm-b00XbeD%3Dw-b00XbeN%3DDyww-b00Xbe2%3Dw-b00XbF%3Dw-b00Xb~%3DF-b00X7%3DwyweB-b00X0D%3DwyDDB-b00X0Dw%3DDywww-b00X0DD%3DwyB2F-b00X0DN%3Dwy~DF-b00X0Di%3DDywww-b00X0Dr%3DDywww-b00X0De%3DDywww-b00X0D2%3DwyDee-b00X0N%3DwywFN-b00X0ND%3DDywww-b00X0Ni%3DDywww-b00X0Nr%3DDywww-b00X0Ne%3DDywww-b00X0NB%3DDywww-b00X0i%3DDywww-b00X0iw%3DDywww-b00X0iN%3DwywDw-b00X0ii%3DwywN~-b00X0ir%3DDywww-b00X0ie%3DDwrwwywww-b00X0i2%3DDwrwwywww-b00X0iF%3DFywww-b00X0i~%3DFywww-b00X0iB%3DDDBw2yDDB-b00X0rw%3DDBDwiNywww-b00X0rD%3DriyF~N-b00X0rN%3DDNiFywww-b00X0e%3DwyBrB-b00X0eD%3DDwrwwywww-b00X0eN%3Dwy~2w-b00X0ei%3DwyN~2-b00X0er%3Deywww-b00X0ee%3DwyDDF-b00X0e2%3Deywww-b00X0eF%3DDywww-b00X02%3DDywww-b00X0F%3Dwy~2D-b00X0B%3DDywww-b00X3%3DwyNwD-HX3L0%3DwyDDB-H3L0%3DwyDDB-sv%3Dw%20%2B%20w-hsS%3Dw-hYdLH%3DqQa-3Xvv%3D(T-3XhL%3DN2wNl..v~lwwwNlwwwwlwwwwlwwwwlwwwwlwwww-3Xzv%3DCO-36_%3DeXi-3H.XvZY%3Dw-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-zYb%3DSz1h.YXwXs_zY-463%3Dw-4hzh6h7hYd%3DD-v6bL%3Dwywr~-hYdLHXhb%3DDF-zH77H3XYSPXhb%3DSz1h.YXwXs_zY-znLL7dXYSPXhb%3D-bHYHvYHbXYSPXhb%3DSz1h.YXwXs_zY-4hH1S6h7hYd%3Dwy~2-L_z%3DD-vY3%3DNyFere2~Ulr-SvXYdLH%3DD-Sb67V%3DD~DNNFD~wr-S0L%3DD-_P6hb%3DwyDDw-6.73%3DwywDw-znhb%3D-bYv%3D1HzYX_3-b00XH3L0%3D.S7zH-b00%3DsS30_Zd-6bLvSLb%3Dw-bS7P%3DnZhz_ZDN-z_6L%3D-khb%3DqQalLn6lwDDrDir2rwwrNrNi-sY07%3DD-SbXL_z%3D%7B%22Y%22%3Aw%2C%22L%22%3Ar%7D-bvnY%3Dee-b_P6%3DwlD-h6v%3DD-&ZY4=w&6b3Jb=r2N&0v.=2wrDN&dbzL3=D&6SH=or99rrC99C&VSYL3H=D&VSY6hb=lDwN&vSb_0ShZ=YWmlstv7ltlMTsCrNlnn.bZeGasNhxwC29biNdrJTv85GM8XVd8_WP%3D%3D&dL7L=D&hzhb=i&Sb4=JZ4HzY_3%20A_vnz&LPhb=Lw2rweweFerYNwNiwFw2DFNr&zz7b=%7B%22zzhL%22%3A%22N2wN%3A..v~%3AwwwN%3Awwww%3Awwww%3Awwww%3Awwww%3Awwww%22%2C%22zzvv%22%3A%22(T%22%2C%22zzzv%22%3A%22CO%22%2C%22zzvYd%22%3A%226n..S7_%22%7D&sY07z3v=D
Origin: https://contextual.media.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25720
expires: Fri, 07 Jul 2023 17:24:48 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 84ms
83ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_fy2021.js?bust=31075831

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allnum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 17:24:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBF1 13 KB
5 KB 33ms
32ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 161980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jul 2023 20:25:08 GMT
expires: Wed, 03 Jul 2024 20:25:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C030 783 B
968 B 64ms
63ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

992bd8a806cb61dd95dca75c475003f82e77623cac01606dc695b08a06301246

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Affv_EFWiWpccSMNINywtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://allnum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-Affv_EFWiWpccSMNINywtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 17:24:48 GMT
expires: Thu, 06 Jul 2023 17:24:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js Show response
pagead2.googlesyndication.com/bg/ Frame BBF1 37 KB
14 KB 30ms
30ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 17:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 17:59:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C030 0
0 59ms
59ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230628&jk=16435508083803&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BBF1 0
10 B 32ms
32ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4pThKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 17:24:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 log
hblg.media.net/ Frame C80D 35 B
193 B 38ms
37ms Image
image/gif 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAMjliYzBmN2MzN2UwNGQ2YmFkNTMzZmJmOWIyNjdkYTXWsLzsA5wHBFVTEmFsbG51bS5ydRI4Q1VBOEZYODYaYXN3aWZ0XzBfaG9zdA4xNjB4NjAwDndlc3Rfb3IEMjMGQURYEjhQUjExM0pHQwY0NjIAGmFzd2lmdF8wX2hvc3QCMDhydGItZWJkYS01N2JkY2I4NTQ4LXFwZ2pmLk9SPjE3MDAwODA4MDc2ODQwMDAxNjAwNjAwMDAwNTk1MDACMAAiABBFWENIQU5HRQICYg&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 17:24:49 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 06 Jul 2023 17:24:49 GMT

GET
H2 200 bqi.php
lg3.media.net/ Frame C80D 15 B
15 B 38ms
38ms Image
text/javascript 23.200.44.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2529&lf=3&&vgd_hb_audit_1=8CUA8FX86&vgd_hb_audit_2=516394027&vgd_tsce=L186&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=1010&vgd_cage=0&vgd_rensize=160_600&vgde_bdata=~G-MjJzvuAuW~GwEv9~G8Ov9.uu9~G-M1QzvhuF~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRuioAX~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvuF9-F99~G-M7Y1-vfH9~G-M7YjMQxkk8-vS~N875vRPssKTa~NUMkjv9~ONvyNEoxQoBJQ7uoG~OYYMOuv9~OYYMOu9vh~OYYMOufvu~OYYMOuHvX~OYYMOuXvu~OYYMOuFvA~OYYMOuhvH~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9X~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvf~OYYMOfivu.99~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfvu.99~OYYMOXFv9~OYYMOhv9~OYYMOWvh~OYYMjv9.9Xi~OYYMYuv9.uui~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.Wuh~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.uXX~OYYMYfv9.9hf~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAAv9.9fW~OYYMYAHvu.999~OYYMYAXvu9H99.999~OYYMYAFvu9H99.999~OYYMYAhvh.999~OYYMYAWvh.999~OYYMYAivuui9F.uui~OYYMYH9vuiu9Af.999~OYYMYHuvHA.hWf~OYYMYHfvufAh.999~OYYMYXv9.iHi~OYYMYXuvu9H99.999~OYYMYXfv9.WF9~OYYMYXAv9.fWF~OYYMYXHvX.999~OYYMYXXv9.uuh~OYYMYXFvX.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.WFu~OYYMYivu.999~OYYMLv9.f9u~JMLEYv9.uui~JLEYv9.uui~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvPb~LM8EvfF9fokkNWo999fo9999o9999o9999o9999o9999~LMQNvI3~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~Q7Ov1QB8k7M9MwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9HW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.WF~EmQvu~N7Lvf.hXHXFW4oH~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.uu9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGo9uuHuAHFH99HfHfA~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vXX~OmyGv9ou~8GNvu~&vgd_lbt=50&gdpr=0&prid=8PRVCXX19&cid=8CUAU4D25&crid=536632528&rrr=tzR-hLcl-L_Um4rbu6LG1Rb6srKxmsSt1R6BkJE4l2Gq4WYVGJDSWw%3D%3D&requrl=https%3A%2F%2Fallnum.ru%2F&vi=1688664286767683340&ugd=4&cc=US&sc=NY&bdrid=462&subBdr=99&startTime=1688664287146&l1ch=1&l1hcsd=l1!Ogzkn|4407&sttm=1688664287155&upk=1688664287.17812&hvsid=00001688664287155016112663488754&acid=29bc0f7c37e04d6bad533fbf9b267da5&verid=3111299&infr=1&twna=1&dma=514&stime=1688664286393&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1688664286144721900&vgd_sc=NY&vgd_ecrid=1700080807684000160060000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0640505754t202307061724&vgd_pgids=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.200.44.18 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS