urlscan.io logo urlscan.io
SecurityTrails logo

hogwartsnet.ru Open in urlscan Pro
95.217.35.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.hogwartsnet.ru/
Effective URL: https://hogwartsnet.ru/mfanf/findex.php
Submission: On March 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 73 HTTP transactions. The main IP is 95.217.35.209, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is hogwartsnet.ru.
TLS certificate: Issued by R3 on March 4th 2021. Valid for: 3 months.
This is the only time hogwartsnet.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 95.217.35.209 24940 (HETZNER-AS)
8 2a00:1450:400... 15169 (GOOGLE)
2 6 217.69.133.145 47764 (MAILRU-AS...)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 2 88.212.201.210 39134 (UNITEDNET)
3 6 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 154.47.36.186 174 (COGENT-174)
2 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
73 23
19    95.217.35.209 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: d783fb45d.fastvps-server.com
www.hogwartsnet.ru
hogwartsnet.ru
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru
counter.yadro.ru
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    154.47.36.186 (United States)

ASN174 (COGENT-174, US)
mc.webvisor.org
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
18 hogwartsnet.ru 1 redirects hogwartsnet.ru
13 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 pagead2.googlesyndication.com hogwartsnet.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 mc.yandex.ru 3 redirects hogwartsnet.ru
6 top-fwz1.mail.ru 2 redirects hogwartsnet.ru
top-fwz1.mail.ru
5 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 mc.webvisor.org 1 redirects hogwartsnet.ru
2 counter.yadro.ru 1 redirects hogwartsnet.ru
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net hogwartsnet.ru
1 www.hogwartsnet.ru 1 redirects
73 21

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
top.mail.ru
Subject Issuer Validity Valid
hogwartsnet.ru
R3		 2021-03-04 -
2021-06-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
counter.yadro.ru
R3		 2021-01-13 -
2021-04-13		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
mc.webvisor.com
Yandex CA		 2021-03-11 -
2021-09-02		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://hogwartsnet.ru/mfanf/findex.php
Frame ID: 785602D2A098B7102614478443EE9999
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: E15BED5CD86A6BC95EBE688E959D9642
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Frame ID: 3FE000443E253BD3615A7477BB542A42
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Frame ID: A01DDDDF0B3DF3729F28096F9571FB19
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&adk=1812271804&adf=3025194257&lmt=1615563435&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&ea=0&flash=0&pra=7&wgl=1&dt=1615563435457&bpp=1&bdt=725&idt=112&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=116
Frame ID: A694A9A3A847ECA5A40AFB9736A7FB88
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: B481F2410E11C82B7A10237EE8F1D155
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Frame ID: F8C5D9F3407E3507947A078FA0A98285
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 35803EB497665561A1F8ADA1DAA6CE4F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.hogwartsnet.ru/ HTTP 301
    https://hogwartsnet.ru/ HTTP 302
    https://hogwartsnet.ru/mfanf/findex.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /cdn\.jsdelivr\.net\/npm\/yandex-metrica-watch\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

73
Requests

100 %
HTTPS

77 %
IPv6

14
Domains

21
Subdomains

23
IPs

4
Countries

726 kB
Transfer

1620 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hogwartsnet.ru/ HTTP 301
    https://hogwartsnet.ru/ HTTP 302
    https://hogwartsnet.ru/mfanf/findex.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://top-fwz1.mail.ru/counter?id=573146;t=487;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=573146;t=487;l=1
Request Chain 19
  • https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//hogwartsnet.ru/mfanf/findex.php;0.530857694552382 HTTP 302
  • https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//hogwartsnet.ru/mfanf/findex.php;0.530857694552382
Request Chain 21
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A1098157231874%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A384239567%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Ati%3A2%3Ast%3A1615563435 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A1098157231874%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A384239567%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Ati%3A2%3Ast%3A1615563435
Request Chain 32
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9210.6Qa1ynXWiWCodCnzzn0En217CLa220uMy6EhQsUCZM1kBBKk77qU8u_a_7YYSDlw.YK_gg_XLnFZ9XWy8ZC5gwKmWsbI%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9210.lwMd6TPbG6a-TlHHKjyAi8p10CCadiZJ62qNFSWWnnB_SolMJonLbK3cBH2iebSClzEC5U3KyldMdyNDKW5M7A%2C%2C.KhmdRWzCsWgFOPK6n2znT6eU3Ng%2C
Request Chain 33
  • https://top-fwz1.mail.ru/counter?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;title=%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8;s=1600*1200;vp=1600*5773;touch=0;hds=1;flash=;sid=d0e2741b9a47eb75;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9//4g/0/0/;lvid=1615563435781%3A1615563435803%3A1%3A80db8644912515d455a4794811697987;_=0.8407823963543204 HTTP 302
  • https://top-fwz1.mail.ru/counter2?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;title=%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8;s=1600*1200;vp=1600*5773;touch=0;hds=1;flash=;sid=d0e2741b9a47eb75;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9//4g/0/0/;lvid=1615563435781%3A1615563435803%3A1%3A80db8644912515d455a4794811697987;_=0.8407823963543204
Request Chain 49
  • https://mc.yandex.ru/watch/46413156?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A1351804207432%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A48928467%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615563436%3At%3A%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8 HTTP 302
  • https://mc.yandex.ru/watch/46413156/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A1351804207432%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A48928467%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615563436%3At%3A%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8
Request Chain 64
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U HTTP 301
  • https://tpc.googlesyndication.com/simgad/7103612115487317334

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set findex.php
hogwartsnet.ru/mfanf/
Redirect Chain
  • https://www.hogwartsnet.ru/
  • https://hogwartsnet.ru/
  • https://hogwartsnet.ru/mfanf/findex.php
35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 / PHP/5.4.16
Resource Hash
fdbd1b50bf803acb5fc252b407ce55dea101693704233152294aa273c1a5a14f

Request headers

Host
hogwartsnet.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.18.0
Date
Fri, 12 Mar 2021 15:37:14 GMT
Content-Type
text/html; charset=WINDOWS-1251
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Set-Cookie
PHPSESSID=k7vm42dsaa70ecb8jpnr5efia6; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.18.0
Date
Fri, 12 Mar 2021 15:37:14 GMT
Content-Type
text/html; charset=WINDOWS-1251
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Location
/mfanf/findex.php
colorpicker.css
hogwartsnet.ru/mfanf/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/css/colorpicker.css
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
ef2e18da557149caf4ada093c072ed53d6644be365b366537f4e18b303402df3

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:05:07 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b53-c82"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:14 GMT
layout.css
hogwartsnet.ru/mfanf/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/css/layout.css
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
642576aeaf9c74876f0b3cdaf8677322a9971a4372d30f008a4e5f210a046bdb

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:05:07 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b53-cb1"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:14 GMT
style.css
hogwartsnet.ru/mfanf/design/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/design/style.css?40
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
95e03a49a72c1b3dbe89680ea15d544ddcd690c3388be232e792fdbe66787a50

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Dec 2020 10:09:44 GMT
Server
nginx/1.18.0
ETag
W/"5fcdff68-3490"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
fd_styles.php
hogwartsnet.ru/mfanf/design/ 		2 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/design/fd_styles.php?40
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 / PHP/5.4.16
Resource Hash
58ee606d66c4ed91e8390282aaa54728de365254b3b3afb8e6d9f54a36fb5ace

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Fri, 26 Mar 2021 15:37:15 GMT
jquery.datepick.css
hogwartsnet.ru/mfanf/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/css/jquery.datepick.css
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
335bd8392cc990859d58176f602dbc7689f495142ae0008c4eda0f7e98cfe8a9

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:05:07 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b53-11df"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
jquery-1.3.2.min.js
hogwartsnet.ru/mfanf/js/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/js/jquery-1.3.2.min.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:04:51 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b43-dfa6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=windows-1251
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
jfav.js
hogwartsnet.ru/mfanf/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/js/jfav.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
010387cb2a76032377186ea9840ad9fa19b692190dd3db22cc6f03c1b4c0fa7e

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:04:51 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b43-b05"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=windows-1251
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
colorpicker.js
hogwartsnet.ru/mfanf/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/js/colorpicker.js?1
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
5ab776ef94beacc4a853dd581430798b9d09685232ef19ab056effe43fca27c1

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Jan 2021 14:48:14 GMT
Server
nginx/1.18.0
ETag
W/"5ff9c22e-4343"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=windows-1251
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
jquery.datepick.js
hogwartsnet.ru/mfanf/js/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/js/jquery.datepick.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
ada9eeaee2db04f618e0567091adebcb9d34c35d34d409aa0c9249a53afc7c42

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:04:50 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b42-14e77"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=windows-1251
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
jquery.datepick-ru.js
hogwartsnet.ru/mfanf/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/js/jquery.datepick-ru.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
f4bb0491b9a1db4bb873d6e35418763bf2d8b6a15a6df9e4cd89a85f5cbacbc1

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Nov 2020 10:04:51 GMT
Server
nginx/1.18.0
ETag
W/"5fa12b43-4fd"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=windows-1251
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
functions.js
hogwartsnet.ru/mfanf/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hogwartsnet.ru/mfanf/js/functions.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
c660ca66ebc14e5b5acd149d7b910510e5aede0b2428dc3fd098561378bd1e3b

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Nov 2020 10:36:24 GMT
Server
nginx/1.18.0
ETag
W/"5fc22828-1ff9"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=windows-1251
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 11 Apr 2021 15:37:15 GMT
1x1.gif
hogwartsnet.ru/mfanf/imgs/ 		49 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hogwartsnet.ru/mfanf/imgs/1x1.gif
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Last-Modified
Tue, 03 Nov 2020 10:04:51 GMT
Server
nginx/1.18.0
ETag
"5fa12b43-31"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
Expires
Sun, 11 Apr 2021 15:37:15 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
377ee7092af19c39daed104f096ab955a8dcd5bb4d7c4d7922fea197336bea65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49997
x-xss-protection
0
server
cafe
etag
13439632224215961392
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:37:15 GMT
1.png
hogwartsnet.ru/see_imgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hogwartsnet.ru/see_imgs/1.png
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
c55d0b87180b2d71c14f03cf1bff86f2fc137bd08999bc14a3b248c6546d8cd8

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Last-Modified
Fri, 27 Nov 2020 19:51:47 GMT
Server
nginx/1.18.0
ETag
"5fc158d3-608"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1544
Expires
Sun, 11 Apr 2021 15:37:15 GMT
w00t.gif
hogwartsnet.ru/mfanf/images/ 		650 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hogwartsnet.ru/mfanf/images/w00t.gif
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
606fb070e1eaa5681c7ca401690b6e6f9f834fd5948bf5d1bf5b2c6f247a3583

Request headers

Referer
https://hogwartsnet.ru/mfanf/findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Last-Modified
Tue, 03 Nov 2020 10:04:53 GMT
Server
nginx/1.18.0
ETag
"5fa12b45-28a"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
650
Expires
Sun, 11 Apr 2021 15:37:15 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=573146;t=487;l=1
  • https://top-fwz1.mail.ru/counter2?id=573146;t=487;l=1
1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=573146;t=487;l=1
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
3aeec87f6801fea6bbf4787397dfb34361888abcb8620bca58898891c9068840
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
1500
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
*
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Keep-Alive
timeout=60

Redirect headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
*
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Location
https://top-fwz1.mail.ru/counter2?id=573146;t=487;l=1
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Keep-Alive
timeout=60
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		124 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16dd44ffde610065b64f268d38a654ac3617400cfba6bd2ebbcc005ebaee4a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
26111
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
50038
etag
W/"1ee49-tXRogD3ZqhMDO8og8D560U3o8rk"
x-served-by
cache-fra19171-FRA, cache-hhn4042-HHN
date
Fri, 12 Mar 2021 15:37:15 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bg.gif
hogwartsnet.ru/mfanf/imgs/ 		53 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hogwartsnet.ru/mfanf/imgs/bg.gif
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/design/style.css?40
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
329032c43628a7554b8c9560a83f2056c1dd4bf419e73038f7a6c1c1cf0ddbe9

Request headers

Referer
https://hogwartsnet.ru/mfanf/design/style.css?40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Last-Modified
Tue, 03 Nov 2020 10:04:51 GMT
Server
nginx/1.18.0
ETag
"5fa12b43-35"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53
Expires
Sun, 11 Apr 2021 15:37:15 GMT
logo.png
hogwartsnet.ru/mfanf/imgs/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hogwartsnet.ru/mfanf/imgs/logo.png
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/design/style.css?40
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.35.209 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d783fb45d.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
8ac723e63ec4a5193beb57671bc5827c96255c50c8c4412e7419a41005986492

Request headers

Referer
https://hogwartsnet.ru/mfanf/design/style.css?40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Last-Modified
Tue, 03 Nov 2020 10:04:51 GMT
Server
nginx/1.18.0
ETag
"5fa12b43-31bd"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12733
Expires
Sun, 11 Apr 2021 15:37:15 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//hogwartsnet.ru/mfanf/findex.php;0.530857694552382
  • https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//hogwartsnet.ru/mfanf/findex.php;0.530857694552382
417 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//hogwartsnet.ru/mfanf/findex.php;0.530857694552382
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a23463c1d4275eb57e6e4cdb22bbb4ff7b606bfdf2ac4a6c5fa3247d8050801b
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Mar 2021 15:37:15 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
417
Expires
Wed, 11 Mar 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Mar 2021 15:37:15 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//hogwartsnet.ru/mfanf/findex.php;0.530857694552382
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 11 Mar 2020 21:00:00 GMT
code.js
top-fwz1.mail.ru/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Wed, 09 Dec 2020 16:09:03 GMT
Server
nginx
ETag
W/"5fd0f69f-5361"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
max-age=3600, private
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Expires
Fri, 12 Mar 2021 16:37:15 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%...
35 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A1098157231874%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A384239567%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Ati%3A2%3Ast%3A1615563435
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 15:37:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 12-Mar-2021 15:37:15 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hogwartsnet.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Fri, 12-Mar-2021 15:37:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Mar 2021 15:37:15 GMT
last-modified
Fri, 12-Mar-2021 15:37:15 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A1098157231874%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A384239567%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Ati%3A2%3Ast%3A1615563435
strict-transport-security
max-age=31536000
access-control-allow-origin
https://hogwartsnet.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 12-Mar-2021 15:37:15 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:15 GMT
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"60472f6c-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 12 Mar 2021 16:37:15 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 		225 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86491
x-xss-protection
0
server
cafe
etag
16470564300944896599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Mar 2021 15:37:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame E15B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210309/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hogwartsnet.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hogwartsnet.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 11 Mar 2021 23:47:12 GMT
expires
Thu, 25 Mar 2021 23:47:12 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
57003
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		204 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=hogwartsnet.ru&callback=_gfp_s_&client=ca-pub-6359265769479039
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
5eb81d209e2f772309cd6f84721d1c97f2f0c8653f854f03059a3fd2d6fe7e72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hogwartsnet.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hogwartsnet.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3FE0 		88 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3d79ea6b6502d58aa9bd29a019fb329cf0e74735cfc0a642c8cae119e582f08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hogwartsnet.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hogwartsnet.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 12 Mar 2021 15:37:16 GMT
server
cafe
content-length
24916
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 15:52:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 12 Mar 2021 15:37:16 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615378846156468"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28222
x-xss-protection
0
expires
Fri, 12 Mar 2021 15:37:15 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A01D 		72 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c0186cbd9148cfc8d48d40fab2618158cba3997e4c04e0f47916c243941022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hogwartsnet.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hogwartsnet.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 12 Mar 2021 15:37:15 GMT
server
cafe
content-length
23595
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 15:52:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 12 Mar 2021 15:37:15 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A694 		0
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&adk=1812271804&adf=3025194257&lmt=1615563435&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&ea=0&flash=0&pra=7&wgl=1&dt=1615563435457&bpp=1&bdt=725&idt=112&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6359265769479039&output=html&adk=1812271804&adf=3025194257&lmt=1615563435&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&ea=0&flash=0&pra=7&wgl=1&dt=1615563435457&bpp=1&bdt=725&idt=112&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=116
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hogwartsnet.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hogwartsnet.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 12 Mar 2021 15:37:15 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 15:52:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 12 Mar 2021 15:37:15 GMT
cache-control
private
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9210.6Qa1ynXWiWCodCnzzn0En217CLa220uMy6EhQsUCZM1kBBKk77qU8u_a_7YYSDlw.YK_gg_XLnFZ9XWy8ZC5gwKmWsbI%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9210.lwMd6TPbG6a-TlHHKjyAi8p10CCadiZJ62qNFSWWnnB_SolMJonLbK3cBH2iebSClzEC5U3KyldMdyNDKW5M7A%2C%2C.KhmdRWzCsWgFOPK6n2znT6eU3Ng%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9210.lwMd6TPbG6a-TlHHKjyAi8p10CCadiZJ62qNFSWWnnB_SolMJonLbK3cBH2iebSClzEC5U3KyldMdyNDKW5M7A%2C%2C.KhmdRWzCsWgFOPK6n2znT6eU3Ng%2C
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.47.36.186 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:16 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9210.lwMd6TPbG6a-TlHHKjyAi8p10CCadiZJ62qNFSWWnnB_SolMJonLbK3cBH2iebSClzEC5U3KyldMdyNDKW5M7A%2C%2C.KhmdRWzCsWgFOPK6n2znT6eU3Ng%2C
date
Fri, 12 Mar 2021 15:37:15 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;title=%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8;s=1600*1200;vp=1600*5773;touch=0;hds=1...
  • https://top-fwz1.mail.ru/counter2?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;title=%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8;s=1600*1200;vp=1600*5773;touch=0;hds=...
43 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter2?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;title=%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8;s=1600*1200;vp=1600*5773;touch=0;hds=1;flash=;sid=d0e2741b9a47eb75;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9//4g/0/0/;lvid=1615563435781%3A1615563435803%3A1%3A80db8644912515d455a4794811697987;_=0.8407823963543204
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
*
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Keep-Alive
timeout=60

Redirect headers

Date
Fri, 12 Mar 2021 15:37:15 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
https://hogwartsnet.ru
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
https://hogwartsnet.ru
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Location
https://top-fwz1.mail.ru/counter2?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;title=%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8;s=1600*1200;vp=1600*5773;touch=0;hds=1;flash=;sid=d0e2741b9a47eb75;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9//4g/0/0/;lvid=1615563435781%3A1615563435803%3A1%3A80db8644912515d455a4794811697987;_=0.8407823963543204
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://hogwartsnet.ru
Keep-Alive
timeout=60
css
fonts.googleapis.com/ Frame A01D 		3 KB
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 14:01:17 GMT
server
ESF
date
Fri, 12 Mar 2021 15:37:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Mar 2021 15:37:15 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame A01D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:35:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame A01D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7138
x-xss-protection
0
server
cafe
etag
7904608329869157807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:36:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame A01D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
6751271179024913178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:31:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A01D 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615378840307797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34576
x-xss-protection
0
expires
Fri, 12 Mar 2021 15:37:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame A01D 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5996
x-xss-protection
0
server
cafe
etag
15528521553155206461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:36:25 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame A01D 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 03:08:06 GMT
server
sffe
age
152408
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Tue, 08 Jun 2021 21:17:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A01D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2ZIgq4pLYNOFJePAxgK7u63oBsmWpephhs7e6fIM_u_l6ZMcEAEg_r6fDGCViriCyAegAcejnuMDyAEJqQKoD95HPP6zPqgDAcgDywSqBLYBT9BEKXRTI2C32T1Ea7WDVflRNSudE4twE6YEJd5SGRE4uvH3lh8uCcYVAbZgV5swotC_2I5kzusfwnvH3N032cEyQEfaZZ7NBZoCGveQvygC_T1QUItaZNPFfeeFQlVtRTd4xgoKzIHmRWZPENzekoDBngIsxpPAHqZ5HWJW84NmyVs-Dw1KvllfH_PUgAPrKn20cFV0WfNtskwn2cTlf5bUWmpDW1KrKNKh1P2SGETOlzMq3_fABMHD-OikA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf0-fggqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENDwCNIICQiA4YBwEAEYH4AKAcgLAdgTDIgUA7IXGgoYCAASFHB1Yi02MzU5MjY1NzY5NDc5MDM5&sigh=m0IYHep08Rc&template_id=5000&tpd=AGWhJmvvBY6nfkBUQAbtfHQCQopqg-gQcfIi76EBU7Ty7vhtQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 12 Mar 2021 15:37:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 12 Mar 2021 15:37:16 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/18237883221195563244/ Frame A01D 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18237883221195563244/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23c897279bdd00603106844ec9d8af3321f1a0515dedeb3308a35a11caba6765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 16:08:32 GMT
x-content-type-options
nosniff
age
602924
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52791
x-xss-protection
0
last-modified
Fri, 23 Aug 2019 09:02:44 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 16:08:32 GMT
truncated
/ Frame A01D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A01D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
011628f1984b140dbb640e0d2c0e933953c13d2d929cb5e145ef0225eb48b217

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A01D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 01:58:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
135536
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 11 Mar 2022 01:58:20 GMT
4UabrENHsxJlGDuGo1OIlLU94Yt3CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A01D 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt3CwZ-Pw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e00db7d3373fb5fd2fa2c7f5f7de6a4e90423ee5068404ba02913f6f781150a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:41:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:26 GMT
server
sffe
age
71746
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10892
x-xss-protection
0
expires
Fri, 11 Mar 2022 19:41:30 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A01D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:42:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
150893
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Thu, 10 Mar 2022 21:42:23 GMT
4UaGrENHsxJlGDuGo1OIlL3Kwp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A01D 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Kwp5MKg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4c2550b07d12bba335752254860f12b44388f449397b9e6e85a8e3f9ed7a6df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 00:24:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
141174
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10928
x-xss-protection
0
expires
Fri, 11 Mar 2022 00:24:22 GMT
1
mc.yandex.ru/watch/46413156/
Redirect Chain
  • https://mc.yandex.ru/watch/46413156?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen...
  • https://mc.yandex.ru/watch/46413156/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3A...
186 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/46413156/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A1351804207432%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A48928467%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615563436%3At%3A%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8
Requested by
Host: hogwartsnet.ru
URL: https://hogwartsnet.ru/mfanf/findex.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ed0900c70c0640e62ed226bc44584f6330a8009eafeb04f14bc457f68241b6cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 15:37:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 12-Mar-2021 15:37:16 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hogwartsnet.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Fri, 12-Mar-2021 15:37:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Mar 2021 15:37:16 GMT
last-modified
Fri, 12-Mar-2021 15:37:16 GMT
location
/watch/46413156/1?wmode=7&page-url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezw432efhv7h%3Afp%3A2054%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A1351804207432%3Ahid%3A507649063%3Az%3A60%3Ai%3A20210312163715%3Aet%3A1615563435%3Ac%3A1%3Arn%3A48928467%3Au%3A1615563435251385637%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615563433310%3Ads%3A0%2C0%2C354%2C1%2C1064%2C0%2C%2C646%2C6%2C%2C%2C%2C2068%3Adsn%3A0%2C0%2C353%2C1%2C1064%2C0%2C%2C648%2C7%2C%2C%2C%2C2067%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615563436%3At%3A%D0%A4%D0%B0%D0%BD%D1%84%D0%B8%D0%BA%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://hogwartsnet.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 12-Mar-2021 15:37:16 GMT
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame B481 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=9760253027&adk=998000354&adf=4082273654&pi=t.ma~as.9760253027&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435453&bpp=3&bdt=721&idt=107&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5738043351738&frm=20&pv=1&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=2840&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ypmjMDLllc&p=https%3A//hogwartsnet.ru&dtd=110
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 12:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
11749
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Sat, 12 Mar 2022 12:21:27 GMT
css
fonts.googleapis.com/ Frame 3FE0 		2 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 14:00:45 GMT
server
ESF
date
Fri, 12 Mar 2021 15:37:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Mar 2021 15:37:16 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 3FE0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:35:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 3FE0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7138
x-xss-protection
0
server
cafe
etag
7904608329869157807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:36:23 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 3FE0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
6751271179024913178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:31:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3FE0 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615378840307797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34576
x-xss-protection
0
expires
Fri, 12 Mar 2021 15:37:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 3FE0 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5996
x-xss-protection
0
server
cafe
etag
15528521553155206461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Mar 2021 15:36:25 GMT
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame 3FE0 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 03:08:06 GMT
server
sffe
age
152409
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Tue, 08 Jun 2021 21:17:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3FE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSD5tq4pLYMWfJciU1wbSrZeQBNa6hMJg_PO02qgKyY_F4MQYEAEg_r6fDGCViriCyAegAePAq8cDyAEJqQKoD95HPP6zPqgDAcgDywSqBLwBT9CNNqAL6cna1GdavQp7FLE-8fqfF0hMr-17bpgKWjxavrfgcvzZpBTU5q2-LGLWUHbSTqLW8-GBwtTAybb02HjE0JjVFmG2PwpybouTKy4vpo9o6p4xXzwE86D7R12c00yBm4luz1h91pB2Jmvr8w1AjV2qK1lUlgbrF7yvwsUldW8ILeda7P-n1OTA1xAzLZJmudbcB1x7wXZmU9edGWl54c72I0hEInL8mp_hmES_IOYFPV1LjCFgqaPABKSqotm_ApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfR_4wmqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCyh17SCAkIgOGAcBABGB-ACgHICwHYEwyIFAKyFxoKGAgAEhRwdWItNjM1OTI2NTc2OTQ3OTAzOQ&sigh=lqWwTQKdbP8&template_id=494&tpd=AGWhJmuu2Et-kt2PD6PwnGEqMtl-UWOiqA1SXEYXfM_WzJljRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 12 Mar 2021 15:37:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
shopping
encrypted-tbn3.gstatic.com/ Frame 3FE0 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRAMyBtoS-Y6RWMc0p4WeJLnn7XVXE_2DhZ2r5pCUkS7rj10lE&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb89f5631446bdc6a1f5720d7ce5b3846dc11dc49ae112ef57e0c1afcc9b3ca5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 20:05:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Oct 2020 10:04:32 GMT
server
sffe
age
70291
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14622
x-xss-protection
0
expires
Fri, 11 Mar 2022 20:05:45 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 3FE0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTg3ymmnW6iqML85HZ8A1BhyD_UyaamW6d89H8kiwJ_MhOibeM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1f8d4d16efaf872edc61b00e7165750cb3afabe3c38be2935a087b176c3fbe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 16:59:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2019 11:48:57 GMT
server
sffe
age
513474
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8525
x-xss-protection
0
expires
Sun, 06 Mar 2022 16:59:22 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 3FE0 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQpZeWGW9u5fZ3K_MOp5kGzkGt8oM5AuJ0VBcry9Z0qVv1pWwY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c5f0b4a8f57d2cac048ae363649f1119b3d6e939d45c4abb691c45f9511784e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 07:26:27 GMT
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 15:19:18 GMT
server
sffe
age
375049
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9692
x-xss-protection
0
expires
Tue, 08 Mar 2022 07:26:27 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 3FE0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT-An2Vk7JOgG1XGpAIwMRGvYLgILTL2foQ6ZN2W1o8BIkG6CY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7f0fca88c4a6ad837324c57daca7e35248fe02612bf6885ce549718ea568197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 19:53:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Aug 2020 13:11:05 GMT
server
sffe
age
243847
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5838
x-xss-protection
0
expires
Wed, 09 Mar 2022 19:53:09 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 3FE0 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTVfbdCY94CF3d_w6wHItDSV7w3yFFaq31Fs_WCrTt73K3EpgNn&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bddfa0a9e93e3f1393fa88442e004514098837adfbaa10c276b95acd5e77a3f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 08:11:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Dec 2020 11:07:20 GMT
server
sffe
age
372354
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11941
x-xss-protection
0
expires
Tue, 08 Mar 2022 08:11:22 GMT
7103612115487317334
tpc.googlesyndication.com/simgad/ Frame 3FE0
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCL57XsHBCABBiAATIIgoSA_Oqki0U
  • https://tpc.googlesyndication.com/simgad/7103612115487317334
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7103612115487317334
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 19:54:54 GMT
x-content-type-options
nosniff
age
157342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5156
x-xss-protection
0
last-modified
Mon, 18 Nov 2019 11:07:29 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 19:54:54 GMT

Redirect headers

timing-allow-origin
*
date
Fri, 12 Mar 2021 04:47:08 GMT
x-content-type-options
nosniff
server
cafe
age
39008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/7103612115487317334
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 11 Apr 2021 04:47:08 GMT
truncated
/ Frame 3FE0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d34a982f63e69e7d1376bc4a76a03a845e0cb2534f25a7aa8e4f0735bda94c9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 3FE0 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
71750
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Fri, 11 Mar 2022 19:41:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cb1324ecf176afa88e7d26b1ed22424b96160087ad26ae3b944cb2417b48e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Mar 2021 15:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6394
x-xss-protection
0
tracker
top-fwz1.mail.ru/ 		43 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=573146;u=https%3A//hogwartsnet.ru/mfanf/findex.php;st=1615563435378;s=1600*1200;vp=1600*5773;touch=0;hds=1;flash=;sid=d0e2741b9a47eb75;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1615563433310/////1064/1064/1064/1064/1064//1065/1419/1420/1422/2068/2068/2074/2971/2971/;ni=9//4g/0/0/;lvid=1615563435781%3A1615563436284%3A2%3A80db8644912515d455a4794811697987;_=0.07018815155422442;e=RT/load;et=1615563436283
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 12 Mar 2021 15:37:16 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
https://hogwartsnet.ru
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://hogwartsnet.ru
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://hogwartsnet.ru
Keep-Alive
timeout=60
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame F8C5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359265769479039&output=html&h=280&slotname=7570200276&adk=4052269148&adf=697277559&pi=t.ma~as.7570200276&w=1200&fwrn=4&fwrnh=100&lmt=1615563435&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fhogwartsnet.ru%2Fmfanf%2Ffindex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1615563435438&bpp=15&bdt=706&idt=94&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5738043351738&frm=20&pv=2&ga_vid=930508703.1615563436&ga_sid=1615563436&ga_hid=850315922&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=70&ady=574&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068496%2C31060351%2C21065725&oid=3&pvsid=2341875228268285&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=FKH3lHV4M3&p=https%3A//hogwartsnet.ru&dtd=113
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 12:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
11749
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Sat, 12 Mar 2022 12:21:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6359265769479039&plah=hogwartsnet.ru&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:37:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 12 Mar 2021 15:37:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3580 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hogwartsnet.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hogwartsnet.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 12 Mar 2021 14:08:40 GMT
expires
Sat, 12 Mar 2022 14:08:40 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5316
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 3580 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 12:21:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
11749
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Sat, 12 Mar 2022 12:21:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=2341875228268285&bg=!2Nul25jNAAUO7zDoDjsAKQB2-DxaIhQLkEhz7PhsKmLFGDlNmGt-bKBr6O_y-k8j_-VUVSN8H9zWAgAAAHRSAAAAC2gBBwoAeLNAmnL8k-ccCX3z_tCq9JCX_Xwo1FFPIsV5xuemUgYUvMhWRZd0_H1lFLuhERltcHiqe2_rgOvU9SB3tTsMXXofpX-DDed0AzifgL6C6nZqBVewdDtExsi9qhAY47zVrzb8HglxlUIjrPTTR5oqoLJLpJkQyUqJf5kB98bGsVoJzBCRClp5lauRVIiGe6gNNjIkKtj9Qm1FVulRA0TtJ9LAb41OVaNUi7kTGQknlID_DkxcSuGVFIkyWd2Ayni1FwIAsKr8bt3jigWOLdCUF2W0Ee57035OqL4qbEzS6g7B50mR4Qr_700BqJVJ1KMKpUL0kEu_uOnSC3tX4tkuchUTapkeYLZ-SmSh1sdFaJYOllSVPJZIxHAvjk3-Z-EnVo4fOb5a5JGgypPTF2hRg0ENtpfghT6Z05GUnf3IuXOXOSmLxfajnxcO2Wp1d-FbUCvkmGhARBqdk31AbOwUmUpQsDfEmrmc8tIAS39ZJL2nvATA6FEjMrs1Padz0MvVCVNslwAGv32D0_EsRYGgTQY6pC_T49Q8IS95pDOAE0eXmagkMYIdjA6yGZHLOsnvNH9xF_q3M-MzibE6ESoEVQDhSHAD2JbHtn3gcPZzOkI4WGOghFO6gOZna50J6bgtF4DPs7gvsdJolfay_roZzK_xdNbZTigtC6F_oZeHxqxCNdPJVp3cdVGpohKzc_-HmxcZTyhHfW6oOg9HENsMr85RaAL_zepk6XbDRtEdh-0E7WwB42CvwenLVEdRPdWqKkPLIHxM_G4crOFNN1agG3bUNLYHoE3LOg-KzPfDb074FCk6R3-_eAeqJZN-IPZO9jll
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hogwartsnet.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 15:37:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3FE0 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJrob7bz-MYzaPQYpC3o7sIIzfbFQ0vxlTzxxgU7KcHrXRebuZrbQTUDK_sdaaAL9r4Ry_sRWbWL60h-eCOCJ0ToNaI_KTNH-aXldvXWIQZSvdr0pBb3gegxPcWw&sai=AMfl-YT1wWxhbtycpk0m48waPtmizAPnAEA5ZvFreKz5M5EzdhXEJc4A6cNPG3jwba42lZrzZr1UM1TCaRc3&sig=Cg0ArKJSzBAJ_kbGPeQqEAE&id=osdim&mcvt=1001&p=574,70,854,1270&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210310&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4052269148&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1615563435556&dlt=548&rpt=75&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 15:37:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery number| timeout number| closetimer number| ddmenuitem number| ddmenulink string| aColor string| pColor function| jsddm_open function| jsddm_sopen function| jsddm_close function| jsddm_timer function| jsddm_stimer function| jsddm_canceltimer function| chuseFontSize object| adsbygoogle object| _tmr object| Ya object| yaCounter46413156 object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: IDE
Value: AHWqTUnkTj8MGs2q4o57N50vdnmhCNd2CuxpL_Kf9czXQ1LJS_cCQM_fLakf6PylzLU
.hogwartsnet.ru/ Name: tmr_reqNum
Value: 2
.hogwartsnet.ru/ Name: __gads
Value: ID=8444b654c3f33bd7-22a83d12c0ba00b0:T=1615563435:RT=1615563435:S=ALNI_Mb2MpAdIa-Q3ldnleaJMAXRfO4Uew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
counter.yadro.ru
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hogwartsnet.ru
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
top-fwz1.mail.ru
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
www.hogwartsnet.ru
154.47.36.186
172.217.18.98
217.69.133.145
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a02:6b8::1:119
2a04:4e42:1b::621
88.212.201.210
95.217.35.209
010387cb2a76032377186ea9840ad9fa19b692190dd3db22cc6f03c1b4c0fa7e
011628f1984b140dbb640e0d2c0e933953c13d2d929cb5e145ef0225eb48b217
0d34a982f63e69e7d1376bc4a76a03a845e0cb2534f25a7aa8e4f0735bda94c9
16dd44ffde610065b64f268d38a654ac3617400cfba6bd2ebbcc005ebaee4a7f
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
23c897279bdd00603106844ec9d8af3321f1a0515dedeb3308a35a11caba6765
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
329032c43628a7554b8c9560a83f2056c1dd4bf419e73038f7a6c1c1cf0ddbe9
335bd8392cc990859d58176f602dbc7689f495142ae0008c4eda0f7e98cfe8a9
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
377ee7092af19c39daed104f096ab955a8dcd5bb4d7c4d7922fea197336bea65
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3aeec87f6801fea6bbf4787397dfb34361888abcb8620bca58898891c9068840
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58ee606d66c4ed91e8390282aaa54728de365254b3b3afb8e6d9f54a36fb5ace
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ab776ef94beacc4a853dd581430798b9d09685232ef19ab056effe43fca27c1
5eb81d209e2f772309cd6f84721d1c97f2f0c8653f854f03059a3fd2d6fe7e72
606fb070e1eaa5681c7ca401690b6e6f9f834fd5948bf5d1bf5b2c6f247a3583
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
642576aeaf9c74876f0b3cdaf8677322a9971a4372d30f008a4e5f210a046bdb
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7c5f0b4a8f57d2cac048ae363649f1119b3d6e939d45c4abb691c45f9511784e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8ac723e63ec4a5193beb57671bc5827c96255c50c8c4412e7419a41005986492
8cb1324ecf176afa88e7d26b1ed22424b96160087ad26ae3b944cb2417b48e68
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
95e03a49a72c1b3dbe89680ea15d544ddcd690c3388be232e792fdbe66787a50
a23463c1d4275eb57e6e4cdb22bbb4ff7b606bfdf2ac4a6c5fa3247d8050801b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c0186cbd9148cfc8d48d40fab2618158cba3997e4c04e0f47916c243941022
a7f0fca88c4a6ad837324c57daca7e35248fe02612bf6885ce549718ea568197
ada9eeaee2db04f618e0567091adebcb9d34c35d34d409aa0c9249a53afc7c42
b4c2550b07d12bba335752254860f12b44388f449397b9e6e85a8e3f9ed7a6df
bddfa0a9e93e3f1393fa88442e004514098837adfbaa10c276b95acd5e77a3f7
c1f8d4d16efaf872edc61b00e7165750cb3afabe3c38be2935a087b176c3fbe7
c3d79ea6b6502d58aa9bd29a019fb329cf0e74735cfc0a642c8cae119e582f08
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c55d0b87180b2d71c14f03cf1bff86f2fc137bd08999bc14a3b248c6546d8cd8
c660ca66ebc14e5b5acd149d7b910510e5aede0b2428dc3fd098561378bd1e3b
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
e00db7d3373fb5fd2fa2c7f5f7de6a4e90423ee5068404ba02913f6f781150a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb89f5631446bdc6a1f5720d7ce5b3846dc11dc49ae112ef57e0c1afcc9b3ca5
ed0900c70c0640e62ed226bc44584f6330a8009eafeb04f14bc457f68241b6cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e18da557149caf4ada093c072ed53d6644be365b366537f4e18b303402df3
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4bb0491b9a1db4bb873d6e35418763bf2d8b6a15a6df9e4cd89a85f5cbacbc1
fdbd1b50bf803acb5fc252b407ce55dea101693704233152294aa273c1a5a14f